This position is to provide cybersecurity support to systems that provide a cohesive navigation and tactical C2 capability to client assets. The system is based on a common architecture which is integrated and synchronized across three, otherwise independent, applications. This integrated system provides operational users with a common tactical picture of the maritime domain enabling them to make fast and effective decisions during high-risk shipboard operations. This forms the backbone that provides the operators with situational awareness at sea for effective execution of missions. Another application provides the Maritime Domain Awareness to meet the information needs of operational decision makers at sea, on shore, and in the air. This application gathers, processes, and presents real-time, near real-time, and stored mission critical information to aid in mission planning, coordination, and prosecution using a Common Operational Picture (COP) that is shared among clients.
These systems require developmental, testing, and integration support due to a continuously evolving system of systems design maintenance. This is currently achieved through the use of Agile Development Methodologies (e.g., Scrum) with multiple sprint teams supporting development and IA patching.
Conduct CS/A&A analysis support in IA controls analysis, conducting risk assessments, risk mitigation analysis, or developing contingency plans.
Develop information security patches that self-install required operating system and application updates and Security Technical Implementation Guides (STIGs) to production.
Assist in the testing, release, and deployment of the Defense Information Systems Agency’s (DISA) Security Technical Implementation Guides (STIGs) to the system.
Perform a functional analysis of the system following each released patch to confirm that no adverse effects are observed on system performance.
Prepare analysis and accreditation support
Provide technical input for Cybersecurity documentation such as Authority to Operate/Authority to Operate-C memos, Contingency Plan & Tests, Incident Response Plan & Tests, and multiple reports such as System Status Reports, System Scan Reports, IAVM Reports, Waivers, and Risk Acceptance Memos.
Build a comprehensive Cybersecurity audit and support documentation; record the auditing procedures applied, evidence obtained, and conclusions reached. Contract personnel assisting in the building of the audit shall be Certified Information Security Auditor (CISA) certified.
Provide IA and STIG Testing
Provide information assurance (IA) and information security engineering analysis of production systems and lab-based, new development systems.
Perform information security engineering analysis based on IA vulnerability scans, Security Technical Implementation Guides (STIGs), and IA best practices consistent with US Coast Guard IA regulations and policies. Compliance report shall provide feedback to software development, hardware engineering, and testing cycles of Agile Development Methodology to maintain robust IA posture.
Scan each platform as requested by the COR to assess the cybersecurity posture and provide recommendations/strategy to mitigate any and all vulnerabilities found.
Prepare for a Command Cyber Readiness Inspection (CCRI) for each platform on which the systems have been installed by documenting, scanning, and providing daily updates on scans.
Basic Qualifications and Requirements:
At least five (5) years’ experience in information assurance or cyber security.
Certified Information Security Auditor (CISA) certification, or obtain certification within 60 days of hire.
We are GDIT. The people supporting some of the most complex government, defense, and intelligence projects across the country. We deliver. Bringing the expertise needed to understand and advance critical missions. We transform. Shifting the ways clients invest in, integrate, and innovate technology solutions. We ensure today is safe and tomorrow is smarter. We are there. On the ground, beside our clients, in the lab, and everywhere in between. Offering the technology transformations, strategy, and mission services needed to get the job done.
GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.