General Dynamics Information Technology

IT Risk and Compliance Specialist Senior Principal

General Dynamics Information Technology, Bossier City, Louisiana, United States, 71111

Overview

IT Risk and Compliance Specialist Senior Principal role at General Dynamics Information Technology (GDIT). The position focuses on transforming technology into opportunity by independently managing the full Risk Management Framework (RMF) lifecycle for multiple systems, in support of GDIT’s Technology Shared Services (TSS), Governance, Risk, and Compliance (GRC) team. The ideal candidate will operate in a dynamic environment with deep expertise in risk management and regulatory compliance to protect information assets.

Responsibilities

Manage the security posture and authorization lifecycle for multiple cloud and on‑premises information systems. Conduct continuous monitoring activities, including vulnerability scan analysis, audit log reviews, and security control assessments. Develop, maintain, and update security documentation, including System Security Plans (SSPs), Plan of Action & Milestones (POAMs), and Risk Assessment Reports (RARs). Periodically assess risk to organizational operations and assets in accordance with risk management policies. Monitor emerging security threats and technology advancements to recommend and implement process and tool improvements. Ensure system compliance with NIST SPs, FedRAMP requirements, DISA STIGs, and CIS Benchmarks. Assess and mitigate system vulnerabilities; track remedial actions to closure. Support incident response, contingency planning, and disaster recovery efforts. Serve as the primary security advisor to system owners, developers, and administrators; interface with auditors during assessments and authorization events. Provide security-focused input for new business proposals and solutions.

Qualifications

Education: Technical training, certificate, or degree in information/cyber security or a related field. Experience: Minimum 8+ years in IT risk management, IT compliance, or information security, with leadership experience (e.g., ISSO, ISSE, ISSM). Certifications: CISSP, CISM, and/or CISA (or equivalent). Experience managing security projects and delivering customer security requirements; familiarity with change/configuration management and security impact analysis. Strong problem‑solving, analytical, and communication skills; ability to collaborate across multi‑functional teams and present to executives. Experience with security tools and technologies (e.g., Firewalls, VPNs, SIEM, EPP, vulnerability & compliance scanning, IAM). Knowledge of cloud security, security boundary protections, and incident response coordination. Experience supporting new business opportunities, RFP responses, and costing/pricing.

Knowledge Areas

IT risk management frameworks and regulatory requirements (e.g., NIST, ISO 27001, COBIT, FISMA). Security and privacy controls (e.g., CIS Level 2, DISA STIG). Security authorization processes (e.g., FedRAMP, DoD) and related audits. Contingency planning and disaster recovery.

Preferred Qualifications

Ability to obtain and maintain a Top Secret security clearance. Experience in large‑scale IT risk and compliance programs; additional certifications such as CISA, CISSP, CISM, CGRC, CRISC. Familiarity with security tools (e.g., Splunk, CrowdStrike, Qualys, Tenable) and governance platforms (e.g., Archer, eMASS). Experience in government or highly regulated environments (e.g., DoD, DHS). Knowledge of cloud security best practices and security automation/orchestration.

Location

Hybrid at Bossier City, LA or Falls Church, VA. Candidates in LA, DC, MD, or VA not within range of GDIT offices may be considered for remote work.

Other details

Scheduled Weekly Hours: 40 | Travel: Less than 10% | Telecommuting: Hybrid | Work Location: USA LA Bossier City; Additional locations include DC Home Office, LA Home Office, MD Home Office, Falls Church VA, VA Home Office. Salary range: $131,750 - $178,250 (range depends on experience, location, and contractual requirements).

Equal Opportunity Employer / Individuals with Disabilities / Protected Veterans

Reference to GDIT’s total rewards, growth opportunities, and company culture is provided for context of the role. For more information, visit gdit.com/tc.