Information Assurance Jr. Cybersecurity Analyst

Overview:

General Dynamics Electric Boat, the nation's premier designer and builder of nuclear submarines, is seeking a highly motivated Information Assurance Jr. Cybersecurity Analyst to join our Department 475 Information Assurance team.

Responsibilities include oversight of cybersecurity operations for Information System (IS) #190 (IS #190).  This position supports multiple Navy contracts managing security operation duties for the classified Naval Nuclear Propulsion Program Network (NNPP Net).  This position requires a thorough understanding of the cybersecurity policies and procedures that are required by the NISPOM, DAAPM, Information System Security Plans, system configuration requirements, corporate directives, pertinent DoD instructions and other contractual security requirements.

Note this position is fully on-site in Groton, CT.  Work from home / remote access is not available.  Standard hours are Monday – Friday 0700 – 1530 with some flexibility.  Position requires daily access to a classified information system which is only accessible on-site.

The Information Assurance team responsibilities include:

• Point of Contact for all security and compliance questions or concerns, such as evaluating invoked security requirements to assess intent and mediate between impacted groups
• Create, implement, improve, and maintain department-wide Policies and Procedures
• Risk Management Framework (RMF) compliance
• Vulnerability Assessment and Management
• Information Security Continuous Monitoring
• Liaison with Cybersecurity Representatives (ISSO/ISSM) and Management (ISO)
• Software and Hardware Baseline Management
• Incident Planning, Response and Management - Initiate Anomaly Reports, coordinate and execute periodic table-top exercises and drills
• Review and analyze various audit logs (movement logs, upgrade/downgrade logs, security seal logs, etc.)
• Assist with Audit preparation
• Research and recommend tools to facilitate cybersecurity best practices
• Ownership of SIEM solution (QRadar) to include:
  • User account management and configuration
  • Report management, customizations and configuration
  • Plug-in management and configuration
• Track and drive on-time completion of POA&M items, compliance and audit findings, etc.
• Lead cybersecurity projects including drafting documentation for network extensions
• Track eMASS security package for IS #190 including related POA&M items
• Maintain relevant department training and documentation

The Jr. Cybersecurity Analyst’s primary responsibilities:

• Be lead / go-to for evaluating all invoked security requirements to assess intent and mediate between impacted groups
• Drive remediation compliance and monitor status of all security relevant issues
• Manage, track, and status all attributes of the IS #190 System Security Plan including RMF controls, artifacts, and the Plan of Actions & Milestones
• Develop and maintain documentation including but not limited to policies, procedures, training, all associated RMF documentation and artifacts, etc.
• Assessing and mitigating security risks
• Monitor all aspects of the vulnerability management system to ensure full compliance with requirements
• Maintaining Security Records of Monitoring and Incident Response Activities
• Support periodic internal and external inspections and audits
• Support A/V and VTC installs as it relates to the information system
• Analyze security system logs, security tools, and data
• Attend training for products and projects related to RMF, Security Awareness, Incident Detection &Response, and Continuous Monitoring etc.
• Pursue personal and professional growth within the IA team and department

REQUIRED:

• High School Diploma or GED
• Must be able to obtain a Secret clearance and be able to obtain a Top Secret clearance
• 1 or more years' experience in a related role
• Cyber Security experience with various frameworks such as Risk Management Framework
• Experience with security hardening guidelines such as DISA STIGs
• Understanding of operating systems, business applications, and network systems
• Internal candidates must be from organizations outside of QP Operations (Gabriel).
  

PREFERRED:

• Bachelor’s degree in Computer Science, Information Assurance or related field.
• Experience generating reports and monitoring events with SEIM tools such as QRadar
• Experience running scans and analyzing results with Vulnerability Assessment tools such as Tenable Security Center
• Experience monitoring host-based security systems such as McAfee ePolicy Orchestrator
• Experience with Jira and Confluence as it relates to workflows and knowledge management systems
• Technical writing experience as it relates to creating documentation as well as policies and procedures

• Flexibility and adaptability in order to thrive in a rapidly changing environment
• Ability to communicate at all levels including with Naval Reactors, upper management, engineers and technicians
• Self-motivation with the ability to work in a fast-moving environment
• Self-starter
• Accountability
• Attention to details
• Strong research & analysis skills
• Strong interpersonal and teamwork skills to mediate between security representative and system administrators
• Understand and clearly communicate security best practices
• Solid reporting and documentation skills
• Demonstrated multitasking and prioritization ability