The Department of State (DoS) global diplomatic workforce requires secure and reliable access to critical foreign policy information at any time from anywhere. As such, a secure global infrastructure is an essential element in supporting U.S. foreign policy goals and objectives. Since January 2008, in support of the Bureau of Diplomatic Security Directorate of Cyber and Technology Security (DS/CTS), CSRA has provided comprehensive cyber protection services for DoS IT assets worldwide. CSRA’s services focus on strengthening overall cyber situational capability through technical, engineering, logistical, operational security management, advanced threat detection, analysis, and mitigation, and administrative services for DoS enterprise-wide cybersecurity programs. Major cybersecurity activities include strategic planning and regulatory compliance; network security monitoring; 24x7x365 cyber incident detection and response; compliance and vulnerability scanning; network infrastructure security technologies evaluation, test, integration, and deployment; cybersecurity policy and standards development; and cybersecurity awareness training. CSRA also provides advanced cyber threat detection, analysis, and mitigation plus in-depth investigative analysis to support cyber forensic analysis, criminal investigations, and insider threat detection. With the breadth and depth of CSRA cybersecurity services enabling DoS information technology modernization and cloud adoption, there is ample opportunity for career advancement.
The Mid-Level Cybersecurity A&A Specialist will provide analysis, coordination, and technical documentation of security controls related to the ongoing Assessment and Authorization (A&A) activities of two major information systems. In support of the customer’s ongoing continuous monitoring and compliance with the NIST Risk Management Framework (RMF), the A&A specialist will be responsible for documenting security controls, both implemented and planned. They will also be responsible for collecting, processing, and maintaining artifacts that demonstrate continuous compliance with established policies and procedures (e.g., contingency plan training and test results). The Cybersecurity A&A Specialist will also actively participate in ongoing system change reviews, providing verbal and written recommendations.
The ideal candidate will have base knowledge of the NIST RMF, cybersecurity principles and best practices. They will need a working knowledge of the NIST-prescribed A&A processes, including security categorization, control selection, tailoring, documentation, assessment, and continuous monitoring. Proven experience working across one or more civilian government agencies is a plus.
US Citizenship and ability to obtain National Security Clearance at the Top Secret level.
3-5 years’ experience supporting the A&A processes within a major federal agency, in accordance with the NIST RMF.
Strong technical writing skills and facilitation skills.
Understanding of contingency plan development, training, and testing.
1 – 3 years of experience with Committee on National Security Systems (CNSS) security processes and requirements.
Solid understanding of enterprise change management.
Solid understanding of Active Directory.
Solid understanding of the Federal Risk and Authorization Management Program (FedRAMP) processes and requirements.
Certified Authorization Professional (CAP)
Certified Cloud Security Professional (CCSP)
Certified Information Systems Security Professional (CISSP), Systems Security Certified Practitioner (SSCP), or equivalent certification
Certificate of Cloud Security Knowledge (CCSK) or equivalent certification
Clearance level required for each position: Interim Secret to start, final Top Secret
Location: Rosslyn, VA
Workdays: Monday - Friday
Labor Category: Mid E/A
We are GDIT. The people supporting some of the most complex government, defense, and intelligence projects across the country. We deliver. Bringing the expertise needed to understand and advance critical missions. We transform. Shifting the ways clients invest in, integrate, and innovate technology solutions. We ensure today is safe and tomorrow is smarter. We are there. On the ground, beside our clients, in the lab, and everywhere in between. Offering the technology transformations, strategy, and mission services needed to get the job done.
GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.