Information Security & Compliance Analyst

Job Description

The purpose of the Information Security and Compliance Analyst position is to support risk assessment and compliance activities for the Bath Iron Works (BIW) information security program. Primary responsibilities include preparing for and supporting internal and external IT security audits; participating as an IT point of contact for new technology initiatives; developing and updating IT policies and procedures and assisting with IT risk assessment activities. This position is part of a team at BIW that is responsible for information security and compliance. 

Job Responsibilities include, but are not limited to:

• Collaborate with GD Corporate and other external audit agencies.
• Perform compliance preparation tasks and tests for various audits (e.g., Sarbanes-Oxley Audit, GD Cybersecurity Audit, CMMC Audit).
• Collect and develop documentation in support of IT security and compliance audits.
• Assist with implementation of counter-measures or mitigating controls.
• Interface with the business on IT security control and compliance requirements.
• Assist with conducting and documenting computer security incident response activities.
• Assist with development and implementation of the IS System Security Plan (SSP).
• Conduct reviews to ensure information systems conform to the documented SSP.
• Conduct and document information system access and integrity reviews.
• Assist with design and delivery of cyber metrics to ensure continuous compliance.
• Conduct technology risk assessments in support of BIW Procurement initiatives.
• Other duties as assigned.

Required/Preferred Education/Training

• Bachelor’s degree in Cybersecurity or Information Technology or equivalent combination of experience and education.

• This position requires you to be able to obtain a government security clearance.  You must be a US Citizen for consideration and you must be able to obtain an interim security clearance within the first 45 days of hire.  For more information regarding the security clearance process, please visit Investigations & Clearance Process (dcsa.mil)

Required/Preferred Experience

• 3-5 years of experience working in Information Security and/or Information Technology is required.
• Familiarity with Defense Federal Acquisition Regulation Supplement (DFARS) cyber controls is preferred.
• Strong verbal and written communications skills.
• Strong problem-solving skills.
• Must be able to pass a federal drug screening test.

• This position requires you to be able to obtain a government security clearance.  You must be a US Citizen for consideration and you must be able to obtain an interim security clearance within the first 45 days of hire.  For more information regarding the security clearance process, please visit Investigations & Clearance Process (dcsa.mil)