Cyber Security InfoSec Engineer, with Polygraph

Clearance Level
Top Secret SCI + Polygraph
Category
Information Security
Location
Herndon, Virginia

REQ#: RQ66391

Travel Required: None
Requisition Type: Regular

We are GDIT. The people supporting and securing some of the most complex government, defense, and intelligence projects across the country. We ensure today is safe and tomorrow is smarter. Our work has meaning and impact on the world around us, but also on us, and that’s important.


GDIT is your place. You make it your own by embracing autonomy, seizing opportunity, and being trusted to deliver your best every day.
We think. We act. We deliver. There is no challenge that we can’t turn into opportunity. And our work depends on a Cyber Security InfoSec Engineer joining our team to support Government activities in Herndon, VA.


At GDIT, people are our differentiator. As a Cyber Security InfoSec Engineer supporting the customer, you will be responsible for providing technical and programmatic Information Assurance Services to internal and external customers in support of network and information security systems. Performs all procedures necessary to ensure the safety of information systems assets and to protect systems from intentional or inadvertent access or destruction.
Responsibilities include:

  • Providing technical and programmatic Information Assurance Services to internal and external customers in support of network and information security systems.
  • Designing, developing and implementing security requirements within an organization’s business processes.
  • Providing technical and policy interpretation and guidance regarding information security issues in support of ICD 503 accreditation activities.
  • Ensure that operational security for cloud solution is maintained for information systems. Developing and maintaining A&A documentation (SSP, Security Test Procedures, Security Controls Traceability Matrix, etc.) and conduct periodic reviews to ensure compliance attained ATO in full cloud implementation.
  • Providing technical direction in implementing defense in depth strategies for sensitive workloads.
  • Identifying deficiencies/weaknesses discovered in customer’s systems and recommend corrective actions to address identified vulnerabilities and non-compliance of systems, including infrastructure.
  • Utilizing applications and AWS services to support audit and continuous monitoring functions to ensure the security posture of system.
  • Performing insider threat mitigation, and alignment to NIST Standards.

Required skills:

  • Well-versed in AWS technologies and architecture.
  • Ability to convey technical information to non-technical individuals.
  • Ability to work in a dynamic and challenging environment.
  • Strong oral and written communications and interpersonal skills.
  • Experience working with Xacta 360.
  • Experience working with scanning tools such as Nessus, AppDetective, and WebInspect.
  • Demonstrated ability to multi-task and work independently; self starter.
  • Education:  Bachelor’s degree in Computer Science, Engineering, or a related technical discipline, or the equivalent combination of education, technical certifications or training, or work experience.
  • Minimum of 15 years related experience.
  • Security Clearance Level: Top Secret/SCI with Polygraph

Desired skills:

  • AWS Certified Solutions Architect Associate
  • Certified Ethical Hacker (CEH), EC-Council
  • ITIL Certificate – Foundation Certificate in IT Service Management
  • Certified Information System Security Professional (CISSP)

WHAT GDIT CAN OFFER YOU

  • Alignment to a mission-critical role that directly impacts the customer’s ability to effectively execute its mission.
  • Direct engagement with contractor leadership that centers upon career development/mobility, enhanced performance evaluation, and corporate information sharing & networking opportunities.
  • Placement on a dynamic team of talented professionals that organically fosters an environment of innovation, collaboration, and trust.

Monitor and analyze Intrusion Detection Systems (IDS) to identify security issues for remediation.

Recognizes potential, successful, and unsuccessful intrusion attempts and compromises thorough reviews and analyses of relevant event detail and summary information.

Evaluate firewall change requests and assess organizational risk.

Communicates alerts to agencies regarding intrusions and compromises to their network infrastructure, applications and operating systems.

Assists with implementation of counter-measures or mitigating controls.

Develops, tests, and operates firewalls, intrusion detection systems, enterprise anti-virus systems and software deployment tools.

Develops and improves processes and direction for projects.

Conducts investigations of computer security violations and incidents, reporting as necessary to management.

Responds to queries and requests for computer security information and reports.

Safeguards the network against unauthorized infiltration, modification, destruction or disclosure.

Researches, evaluates, tests, recommends, communicates and implements new security software or devices.

Implements, enforces, communicates and develops security policies or plans for data, software applications, hardware, and telecommunications.

Develops materials for computer security education/awareness programs.

Provides recommendations to clients on information assurance engineering standards, implementation dependencies, and changing information assurance related technologies.

Performs periodic and on-demand system audits and vulnerability assessments, including user accounts, application access, file system and external Web integrity scans to determine compliance.

Provides information to management regarding the negative impact on the business caused by theft, destruction, alteration or denial of access to information.

Provides expert guidance and leadership to less-experienced team members.

May serve as a task or project leader. (Not a people manager)

Provides information assurance project management, technical security staff oversight, and development of mission-critical technical documents.

Provides information to management regarding the negative impact on the business caused by theft, destruction, alteration or denial of access to information.

Ensure compliance with regulations and privacy laws.

Recognized as a subject matter expert in information security.

DESIRED QUALIFICATIONS: BA/BS (or equivalent experience), 15+ years of experience

We are GDIT. The people supporting some of the most complex government, defense, and intelligence projects across the country. We deliver. Bringing the expertise needed to understand and advance critical missions. We transform. Shifting the ways clients invest in, integrate, and innovate technology solutions. We ensure today is safe and tomorrow is smarter. We are there. On the ground, beside our clients, in the lab, and everywhere in between. Offering the technology transformations, strategy, and mission services needed to get the job done.

GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.