Information System Security Engineer TS/SCI w/ poly

Clearance Level
Top Secret SCI + Polygraph
Category
Systems Engineering
Location
Chantilly, Virginia

REQ#: RQ108618

Travel Required: Less than 10%
Requisition Type: Regular

Basic Qualification

Bachelors of Science degree in a related specialized area or field is required (or equivalent experience) plus a minimum of 5 years of relevant experience; or Masters degree plus a minimum of 3 years of relevant experience.

CLEARANCE REQUIREMENTS:
Candidates must be able to obtain a Department of Defense TS/SCI with Polygraph security clearance.  Must have at least a TS/SCI clearance. Applicants selected will be subject to a U.S. Government security investigation and must meet eligibility requirements for access to classified information. Due to the nature of work performed within our facilities, U.S. citizenship is required.

  • Experience developing System Security Plans (SSPs) and supporting Assessment & Authorization (A&A) documentation
  • Proficient understanding of cyber security specifications such as Risk Management Framework (RMF), DIACAP, STIGs and other government security specifications and guidelines
  • Excellent communication skills and comfortable talking with senior leadership and technical subject matter experts
  • Comprehend complex system infrastructure designs consisting of Windows, Linux/RHEL OS, networking equipment (routers, firewalls), and Cross Domain Solutions (CDS).
  • Experience implementing and remediating security controls for Windows/Linux Systems
  • Understand basic network protocols (TCP/UDP, HTTP)
  • Experience with Tenable Nessus
  • Experience with SNOW
Job Description

Join our award-winning Insider Threat Detection program manned by a multi-disciplinary team of system and data engineers, data scientists, software developers, intelligence analysts, and investigators to provide insider threat detection and counterintelligence services. This program provides an opportunity to further advance cutting-edge technology, products, and services for a large Government agency to detect and mitigate insider threats. Our program takes data from multiple sources in any format (structured or unstructured), transforms it into interpretable fragments, and allow our engines, to categorize, quantify, distill, and display results for human analysts to interpret. Team members work closely with esteemed customers to develop solutions that allow them to carry out high-stakes national security missions. Our technology stack is built on cutting edge hardware and software with multiple Windows and Linux environments interfacing with multi-petabyte data processing and analytic platforms all designed, built, and maintained by our team. The field of insider threat detection and mitigation is evolving and growing, and our program needs highly innovative individuals.

Candidates for the Information Systems Security Engineer will ensure all system networks and infrastructure are properly secured and monitored. You will work closely with a team of Windows/Linux System Engineers, Software Developers, and lead Solutions Architect in deploying a secure technical Insider Threat solution. Assist with the Assessment and Authorization (A&A) documentation of multiple system assets through the Risk Management Framework (RMF). Identify and implement system controls across all assets.

REPRESENTATIVE DUTIES AND TASKS:

  • Perform system inspections/ audits to identify controls not met, implement, and remediate controls, and work closely with system engineers/administrators.
  • Perform technical security controls assessments and baseline validations to identify vulnerabilities and control deficiencies as part of continuous monitoring program
  • Participate in internal / external security audits/inspections, create, and maintain Plan of Action and Milestones (POAM) as required
  • Write A&A documentation and ensure the systems operate in accordance with these security plans
  • Interact with technical team members from multi-domain organizations in a diversified, team environment
  • Track and audit all assets across the enterprise and ensure they are compliant, while communicating findings to senior leadership.
  • Maintains records, outlining required patches/system upgrades that have been accomplished throughout the information systems life cycle
  • As a member of the cyber security team, supports the system security design effort, security requirements analysis, and security requirements flow down to the program elements
  • Executes or supports the execution of the development of program required security documentation, including items such as security plans, contingency plans, and security tests plans and procedures in compliance with the IA policy 
  • Generates or supports the generation of Assessment and Authorization (A&A) (or Certification and Accreditation (C&A) documentation for the program
  • Executes the security testing and evaluation to ensure the correct implementation of security requirements
  • Executes security scanning and the analysis of the scan results
  • Supports the Assessment and mitigation of system security threats and risks throughout the program life cycle
  • Contributes to the completion of major programs and projects with the execution of the system security activities
  • Plans and executes project tasks for activities described above 

KNOWLEDGE SKILLS AND ABILITIES:

  • Proficient Microsoft products (Excel, Word, PowerPoint, Visio) and experience JIRA/Confluence is a plus
  • Proficient use and understanding of systems engineering concepts, principles, and theories
  • Proficient knowledge of cyber security technology and trends
  • Contributes to the achievement of business objectives
  • Recognizes and incorporates various security designs and lessons learned
  • Strong written and verbal communications skills
  • Able to sell concepts and ideas
  • Proficient ability in communicating issues, impacts, and corrective actions as they affect the cyber design and implementation
  • Proficient ability to clearly report relevant cyber systems engineering design
  • Regular contact with senior levels of internal security work groups
  • Ability to participate in or lead security work groups 
  • Works under limited direction 
  • Contact with project leaders and other professionals within the Engineering department and with project teams 
  • Maintains contact with the external customers security professionals
  • Creative thinker, good multi-tasker

PREFERRED DEGREE TYPES AND EXPERIENCE:

  • DoD 8570.1M compliant (E.g Security+, CISSP)

COVID-19 Vaccination Requirement: To protect the health and safety of its employees and to comply with customer requirements, GDIT may require employees in certain positions to be fully vaccinated against COVID-19. Vaccination requirements will depend on the status of the federal contractor mandate and customer site requirements.

We are GDIT. The people supporting some of the most complex government, defense, and intelligence projects across the country. We deliver. Bringing the expertise needed to understand and advance critical missions. We transform. Shifting the ways clients invest in, integrate, and innovate technology solutions. We ensure today is safe and tomorrow is smarter. We are there. On the ground, beside our clients, in the lab, and everywhere in between. Offering the technology transformations, strategy, and mission services needed to get the job done.

GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.