Information Systems Security Engineer (ISSE)

Clearance Level
Secret
Category
Information Security
Location
San Diego, California

REQ#: RQ115184

Travel Required: Less than 10%
Public Trust: SSBI (T5)
Requisition Type: Regular

A ISSE can perform the following:

  • Monitors and analyzes Intrusion Detection Systems (IDS) to identify security issues for remediation
  • Recognizes potential, successful, and unsuccessful intrusion attempts and compromises thorough reviews and analyses of relevant event detail and summary information
  • Evaluates firewall change requests and assesses organizational risk
  • Communicates alerts to agencies regarding intrusions and compromises to their network infrastructure, applications, and operating systems
  • Assists with implementation of countermeasures or mitigating controls
  • Conducts regular audits to ensure that systems are being operated securely, and information systems security policies and procedures are being implemented as defined in security plans
  • Develops, tests, and operates firewalls, intrusion detection systems, enterprise antivirus systems and software deployment tools
  • Safeguards the network against unauthorized infiltration, modification, destruction, or disclosure
  • Researches, evaluates, tests, and implements new security software or devices
  • Conducts investigations of information systems security violations and incidents, reporting as necessary to management
  • Ensures the integrity and protection of networks, systems, and applications by technical enforcement of organizational security policies, through monitoring of vulnerability scanning devices
  • Implements, enforces, communicates, and develops security policies or plans for data, software applications, hardware, telecommunications, and information systems security education/awareness programs
  • Performs periodic and on-demand system audits and vulnerability assessments, including user accounts, application access, file system and external Web integrity scans to determine compliance
  • Prepares incident reports of analysis methodology and results
  • Ensure compliance with regulations and privacy laws
  • May coach and provide guidance to less-experienced professionals
  • May serve as a team or task lead

Specifically in this position the ISSE will:

  • Provide guidance and oversight throughout RMF and/or DIACAP A&A activities.
  • Perform validator functions in a DoD environment utilizing DoD approved accreditation methods (DIACAP / RMF).
  • Utilize knowledge of NIST SP 800-53, FIPS 199, SP 800-39, and related policies to develop and validate RMF packages for systems seeking authorization to operate (ATO).
  • Use knowledge of, and access, to NIPR and SIPR eMASS applications. Use knowledge of Assessment and Accreditation tools including STIG Viewer, ACAS, SCAP, and Vulnerator.
  • Use communication systems, network protocols, encryption, network devices, operating systems, applications, virtual systems, and databases.
  • Perform security categorization based on the impact due to loss of confidentiality, integrity, and availability. Select security controls based on security categorization.
  • Develop strategy for continuous monitoring to ensure acceptable security control is enforced.
  • Direct and/or perform risk/threat assessment for systems undergoing A&A efforts.
  • Direct and/or generate A&A package documentation including Security Assessment Plan (SSP) and authorization boundary in the Systems Security Plan (SSP).

This position requires the following:

  • Navy Qualified Validator Level I with 3 years’ experience (minimum) in performing validator functions in a DoD environment utilizing DoD approved accreditation methods (DIACAP / RMF).
  • Served as designated Navy Validator for one or more Security Authorizations under RMF
  • Security+ (or equivalent certification) and IAT Level II in accordance with DoD Instruction 8570.02
  • Bachelor's degree from an accredited college or university
  • DoD issued Secret clearance

About Our Work

We are GDIT. The people supporting some of the most complex government, defense, and intelligence projects across the country. We deliver. Bringing the expertise needed to understand and advance critical missions. We transform. Shifting the ways clients invest in, integrate, and innovate technology solutions. We ensure today is safe and tomorrow is smarter. We are there. On the ground, beside our clients, in the lab, and everywhere in between. Offering the technology transformations, strategy, and mission services needed to get the job done.

COVID-19 Vaccination

GDIT does not have a vaccination mandate applicable to all employees. To protect the health and safety of its employees and to comply with customer requirements, however, GDIT may require employees in certain positions to be fully vaccinated against COVID-19. Vaccination requirements will depend on the status of the federal contractor mandate and customer site requirements.

GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.