Req ID: RQ191415
Type of Requisition: Regular
Clearance Level Must Be Able to Obtain: Top Secret
Public Trust/Other Required: None
Job Family: Information Security
Skills:
Cyber Defense, Information Security, Information Systems
Certifications:
CompTIA Security+ - CompTIA
Experience:
5+ years of related experience
US Citizenship Required:
Yes
Job Description:
GDIT is your place. Make it your own by discovering new ways to apply the latest technology securely and expertly. Own your opportunity at GDIT and you'll be a meaningful part of improving how agencies operate. Our work depends on an Information Systems Security Engineer joining our team.
At GDIT, we foster a people-centric environment. As an Information Systems Security Engineer, you will be responsible for capturing and refining information security requirements and ensuring their integration into information technology component products and information systems through purposeful security design or configuration. You will work closely with other project managers and various software engineering, infrastructure, and technical operations teams to assess requirements, coordinate resources, and deliver information security updates for the customer.
The ideal candidate will have experience performing industry-standard ISSE tasks, as well as experience in tailoring standard process lifecycles to function effectively in a small, fast-paced environment. S/he must have strong written and verbal individual and organizational communication skills and the ability to articulate technical project requirements to both customers and internal teams.
KEY RESPONSIBILITIES
Participating in high-level enterprise architecture analysis, evaluation, design, integration, documentation, and development to include security control design and security package documentation.
Understanding, implementing, documenting, communicating, and assessing NIST 800-53 security controls.
Documenting security control implementations and the respective systems, applications, tools, devices, etc. that are part of the comprehensive solution.
Identifying the artifacts that demonstrate security controls are implemented as documented.
Analyzing security controls and the impact major and/or significant changes would introduce to the environment.
Researching remediation options for findings or vulnerabilities identified for security controls.
Assessing and/or authorizing systems in accordance with the Risk Management Framework (RMF).
Applying high-level business and technical principles and methods to very difficult technical problems to arrive at creative information
Recommending, taking action, and documenting the solution to direct the analysis of IA/security control-related issues.
Supporting the IA functions and related security controls for the services deployed above the hypervisor to customers in the DOD on-premise and cloud-based offerings.
Consulting with customers in the DOD on-premise and cloud-based offerings on authorizing their systems through DOD RMF.
EDUCATION AND EXPERIENCE
Active Secret Clearance
Bachelor's degree in a related business or technical discipline (Systems Security Engineering, Software Engineering, or Computer Science, etc.), or the equivalent combination of education, technical training, or work/military experience
REQUIRED QUALIFICATIONS
5+ years of relevant experience.
Ability to work closely with stakeholders, developers, and external teams including customer security managers (ISSMs), organizational leadership, and key personnel.
Identify requirements for documentation associated with system categorization, the System Security Plan, and systems risk assessment as required under NIST 800-53/53A.
Previous experience completing the customer Assessment and Authorization (A&A) process from start to end.
Demonstrated on-the-job experience with RMF implementation and tracking tools like Enterprise Mission Assurance Support Service (eMASS).
Assess system compliance with NIST requirements, identifying weaknesses and evaluating planned remedial actions based upon those requirements.
Support control implementation assessment and reporting and monitoring processes using cyber security and assessment management systems.
Understanding of perimeter controls (firewalls), access control mechanisms, and network architectures.
Strong understanding of methodologies for researching and documenting software and hardware vulnerabilities.
Skilled in cross-team collaboration and effective communication to fulfill specific accreditation requirements.
Strong verbal and written communication/cooperation within a team context.
Ability to work within fast-paced customer environments.
Demonstrated skill documenting processes and procedures in CONOPS, system security, contingency, configuration management and other plans.
Demonstrated ability to facilitate customer concurrences required for risk-based decisions requiring waivers.
Experience assisting the customer with decisions impacting the security posture and compliance of their systems and networks with requirements as documented in NIST 800-53 and its revisions.
Excellent verbal and written communication skills.
Experience with Microsoft Office tools like PowerPoint, Word, Excel, etc.
Secret and must be able to receive favorable Top Secret / SCI adjudication.
Senior level positions require 5+ years of related experience and DoD 8570.01 IAM Lvl III certification.
Travel required.
DESIRED QUALIFICATIONS
Certified Information Systems Security Professional (CISSP) or DoD 8570.01-M IAM Lvl II certification.
Demonstrated on-the-job experience with Jira Software for planning and tracking projects.
Knowledge of the US Military, their network systems and infrastructure, processes and procedures, and request and approval tools.
Skilled with and/or demonstrated technical aptitude with vulnerability and risk assessment tools such as Elasticsearch or Splunk SIEMs, ACAS (Nessus), and ESS (HBSS).
GDIT IS YOUR PLACE:
401K with company match
Comprehensive health and wellness packages
Internal mobility team dedicated to helping you own your career
Professional growth opportunities including paid education and certifications
Cutting-edge technology you can learn from
Rest and recharge with paid vacation and holidays
The likely salary range for this position is $102,000 - $138,000. This is not, however, a guarantee of compensation or salary. Rather, salary will be set based on experience, geographic location and possibly contractual requirements and could fall outside of this range.
Our benefits package for all US-based employees includes a variety of medical plan options, some with Health Savings Accounts, dental plan options, a vision plan, and a 401(k) plan offering the ability to contribute both pre and post-tax dollars up to the IRS annual limits and receive a company match. To encourage work/life balance, GDIT offers employees full flex work weeks where possible and a variety of paid time off plans, including vacation, sick and personal time, holidays, paid parental, military, bereavement and jury duty leave. To ensure our employees are able to protect their income, other offerings such as short and long-term disability benefits, life, accidental death and dismemberment, personal accident, critical illness and business travel and accident insurance are provided or available. We regularly review our Total Rewards package to ensure our offerings are competitive and reflect what our employees have told us they value most.
We are GDIT. A global technology and professional services company that delivers consulting, technology and mission services to every major agency across the U.S. government, defense and intelligence community. Our 30,000 experts extract the power of technology to create immediate value and deliver solutions at the edge of innovation. We operate across 30 countries worldwide, offering leading capabilities in digital modernization, AI/ML, Cloud, Cyber and application development. Together with our clients, we strive to create a safer, smarter world by harnessing the power of deep expertise and advanced technology.
We connect people with the most impactful client missions, creating an unparalleled work experience that allows them to see their impact every day. We create opportunities for our people to lead and learn simultaneously. From securing our nation's most sensitive systems, to enabling digital transformation and cloud adoption, our people are the ones who make change real.
GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.