Security Control Assessor (Active Polygraph Required)
Company: General Dynamics Information Technology
Posted on: January 23, 2023
Type of Requisition: RegularClearance Level Must Be Able to
Obtain: Top Secret SCI + PolygraphPublic Trust/Other Required:
NoneJob Family: Cyber SecuritySeize your opportunity to make a
personal impact as a Security Control Analyst supporting customer
activities. GDIT is your place to make meaningful contributions to
challenging projects and grow a rewarding career.At GDIT, people
are our differentiator. As a Security Control Analyst, you will
help ensure today is safe and tomorrow is smarter. Our work depends
on a SCA joining our highly skilled team to be a premier provider
of cyber security services to the customer. We provide consummate
cyber security risk management as a service platform across
multiple fabrics and centers. We have responsibility to ensure
operational IT capabilities provide the client with necessary
timeliness, accuracy and security of information demanded from all
our highly professional roles. Be the change, lead our change join
us!HOW A SCA WILL MAKE AN IMPACT
- Make recommendations to the IC CISO or designee for improving
TTPS for better cyber threat protection.
- Knowledge of system and application security threats and
- Knowledge of network access, identity, and access management
e.g. public key infrastructure (PKI)
- Knowledge of network protocols such as Transition Control
- Protocol (TCP/IP), Dynamic Host Configuration, Domain Name
System (DNS), and directory Services.
- Knowledge of cybersecurity principles and organizational
requirements (relevant to confidentiality, integrity, availability,
- Report vulnerabilities identified during security
- Write penetration testing Rules of Engagement (RoE), Test
Plans, and Standard Operating Procedures (SOP).
- Conduct security reviews and technical research and provided
reporting to increase security defense mechanisms.WHAT YOULL NEED
- Education : Bachelors (Computer engineering, Computer Science,
Electrical Engineering, Information systems, Information
Technology, Cybersecurity, or a closely related discipline)
- Four years of additional demonstrated work experience in
Security Control Assessor (SCA) and Defensive Cyber Operations
(DCO)Testing will be accepted in lieu of a bachelors degree.
- A Masters degree in an applicable discipline be substituted for
three years of demonstrated work experience.
- Required Experience : 6+ yrs
- Required Technical Skills:
- Three (3) years of cybersecurity experience with at least one
year of experience conducting SCAs under ICD 503/CNSSI 1253 NIST
Cybersecurity Framework, Risk Management Framework (RMF), or a
- One full year of SCA experiences within the last three calendar
- One full year supporting cloud environment and experience
performing security assessments in a cloud environment (AWS,
Google, IBM, Azure, and Oracle).
- Skill in conducting vulnerability scans and recognizing
vulnerability in security systems (e.g., Cloud Environments) AWS,
Google, IBM, Azure, and Oracle.
- Knowledge of general attack strategies (e.g., MITRE ATT&CK
- Knowledge of NISPOM, ICD 503, NIST SP 800-53, ICD 705, and
other ICDs as appropriate.
- Knowledge of Independent Verification & Validation (IV&V)
of security controls.
- Security Clearance Level : TS/SCI with active polygraph
- Required Skills and Abilities:
- Ability to assess the robustness of security systems and
- Three years of experience performing security assessments in a
cloud computing environment.
- Strong writing skills.
- Write final reports and defend all findings, including risk or
vulnerability, mitigation strategies, and references.Report
vulnerabilities identified during security assessments.
- Desired Certifications: Department of Defense (DOD)
8570.01-Manual (M) Information Assurances Workforce Improvement
Program requirement for Information Assurance Manger (IAM) Level
III (CISM, CISSP or Associate GSLC or CCISO)
- Location : Bethesda, MD - On Customer SiteGDIT IS YOUR PLACE:
- 401K with company match
- Comprehensive health and wellness packages
- Internal mobility team dedicated to helping you own your
- Professional growth opportunities including paid education and
- Cutting-edge technology you can learn from
- Rest and recharge with paid vacation and holidaysCOVID-19
Vaccination: GDIT does not have a vaccination mandate applicable to
all employees. To protect the health and safety of its employees
and to comply with customer requirements, however, GDIT may require
employees in certain positions to be fully vaccinated against
COVID-19. Vaccination requirements will depend on the status of the
federal contractor mandate and customer site requirements.We are
GDIT. The people supporting some of the most complex government,
defense, and intelligence projects across the country. We deliver.
Bringing the expertise needed to understand and advance critical
missions. We transform. Shifting the ways clients invest in,
integrate, and innovate technology solutions. We ensure today is
safe and tomorrow is smarter. We are there. On the ground, beside
our clients, in the lab, and everywhere in between. Offering the
technology transformations, strategy, and mission services needed
to get the job done.GDIT is an Equal Opportunity/Affirmative Action
employer. All qualified applicants will receive consideration for
employment without regard to race, color, religion, sex, sexual
orientation, gender identity, national origin, disability, or
veteran status, or any other protected class.
Keywords: General Dynamics Information Technology, Bethesda , Security Control Assessor (Active Polygraph Required), Other , Bethesda, Maryland
Didn't find what you're looking for? Search again!