Information Systems Security Engineer

Clearance Level
Top Secret/SCI
Category
Cyber Engineering
Location
Norfolk, Virginia

REQ#: RQ100359

Travel Required: None
Public Trust: None
Requisition Type: Regular

Responsible for ensuring the appropriate operational security posture is maintained within the Command Naval Installation Command (CNIC) Service Delivery Point (SDP).  Responsible for all certification and accreditation activities required in Risk Management Framework to obtain and maintain Authority To Operate (ATO).  Candidate must have TS clearance.

  • Primary support for the SDP enterprise compliance and RMF package support to include (3) NIPR packages and (1) SIPR package.
  • Primary support and performance of annual security reviews, annual testing of security controls, and annual testing of the contingency plan, in line with FISMA requirements.
  • Primary support for ensuring  guidelines (e.g., STIGs/SRGs)
  • Primary support for maintaining Vulnerability Remediation Asset Manager (VRAM) compliance reporting for all assets within SDP accreditation boundary
  • Primary on all documentation tasking.
  • Primary support to verify all software is approved and in good standing in DON Application and Database Management System (DADMS).  Will be required to submit Last Day Approved (LDA) extensions  prior to software expiring  
  • Provide overall tracking and reporting of cybersecurity postures (accreditation status of infrastructure and systems, HBSS, and ACAS reports)
  • Ensure proper configuration management procedures are followed prior to implementation and contingent upon necessary approval via CMB/CCB
  • Ensure software/hardware are approved in DON Application and Database Management System (DADMS) prior to installation and contingent upon necessary approval via CMB/CCB
  • Ensure IA and IA-enabled software, hardware, and firmware comply with appropriate security configuration guidelines.
  • Initiate protective or corrective measures, upon discovery of  a security incident or vulnerability
  • Interface with and provide security guidance to system administrators to include providing cybersecurity briefs and/or  training to an organization  
  • Assist the CISSM in executing their duties and responsibilities as needed.
  • Work with CISSMs or designated personnel during Command Cyber Readiness Inspections (CCRI)

Knowledge, Skills and Ability:

  • Working knowledge of DoD and Navy security policies and procedures.
  • Working Knowledge of industry standards including but not limited to: Defense Information System Agency (DISA) Security Technical Implementation Guide (STIGs), NIST 800 Series, NIST Cybersecurity Framework and CIS Benchmarks
  • Working knowledge on Assured Compliance Assessment Solution (ACAS) /Security Center
  • Must previous experience on Risk Management Framework (RMF)
  • Must have previous experience with Navy  eMass
  • Must have TS clearance
  • Working knowledge of STIG viewer
  • Working knowledge vulnerator and/or eMaster
  • Excellent written and verbal communication skills.
  • Excellent organizational skills
  • Attention to details
  • Ability to work in fast pace environment with constant changes to environment
  • Familiar with DISA STIGs and ability to assess compliance.
  • Familiar with VRAM (Vulnerability Remediation Asset Manager)
  • Ability to work as the enterprise focal point for all Cybersecurity matters.
  • Ability to interface with system administrators across various site locations.
  • Ability to assist the CISSM with the Monitoring, Reporting, ASR, CCRI.

DESIRED QUALIFICATIONS:

Bachelors degree in Information Systems, Computer Science, or Mathematics, Engineering, related field

6+ years of experience

  • 6 + years’ experience providing support for implementing, and enforcing information systems security policies, standards, and methodologies.
  • Understanding of Risk Management Framework (RMF), NIST, ICD, and CNSS standards.
  • Experience with DoD Risk Management Framework (RMF)
  • Experience using Assured Compliance Assessment Solution (ACAS) Software suite
  • Experience Navy Enterprise Mission Assurance Support Service (eMass)
  • Experience with Vulnerability Remediation Asset Manager (VRAM)
  • TS clearance required
  • Must be DoD 8570 compliant at IA Technical (IAT)/IA Management (IAM) Level 2 by possessing one of the following certifications: CCNA Security, CySA+, GICSP, GSEC, Security+, CND, SSCP - CAP, CASP, CISM, CISSP, GSLC, CCISO, HCISPP

This position requires being fully vaccinated against COVID-19 by January 18, 2022 or the start date, if after January 18. Individuals who work in or reside in Florida, Montana, Tennessee, Texas, or work outside of the United States may be excluded from this requirement.

We are GDIT. The people supporting some of the most complex government, defense, and intelligence projects across the country. We deliver. Bringing the expertise needed to understand and advance critical missions. We transform. Shifting the ways clients invest in, integrate, and innovate technology solutions. We ensure today is safe and tomorrow is smarter. We are there. On the ground, beside our clients, in the lab, and everywhere in between. Offering the technology transformations, strategy, and mission services needed to get the job done.

GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.