This position is located in Bath, Maine and requires candidates to be onsite.
The purpose of the Information Security and Compliance Analyst position is to support risk assessment and compliance activities for the Bath Iron Works (BIW) information security program. Primary responsibilities include preparing for and supporting internal and external IT security audits; participating as an IT point of contact for new technology initiatives; developing and updating IT policies and procedures and assisting with IT risk assessment activities. This position is part of a team at BIW that is responsible for information security and compliance.
Job Responsibilities include, but are not limited to:
- Collaborate with GD Corporate and other external audit agencies.
- Perform compliance preparation tasks and tests for various audits (e.g., Sarbanes-Oxley Audit, GD Cybersecurity Audit, CMMC Audit).
- Collect and develop documentation in support of IT security and compliance audits.
- Assist with implementation of counter-measures or mitigating controls.
- Interface with the business on IT security control and compliance requirements.
- Assist with conducting and documenting computer security incident response activities.
- Assist with development and implementation of the IS System Security Plan (SSP).
- Conduct reviews to ensure information systems conform to the documented SSP.
- Conduct and document information system access and integrity reviews.
- Assist with design and delivery of cyber metrics to ensure continuous compliance.
- Conduct technology risk assessments in support of BIW Procurement initiatives.
- Other duties as assigned.