Responsibilities: The candidate will lead and assist with security testing and security control assessments of FedRAMP Cloud Service Provider (CSP) systems to ensure compliance with NIST SP 800-53 Rev. 4 and FedRAMP-specific requirements. Lead and conduct FedRAMP security control assessments within the continuous monitoring Authorization cycle. Technically assess FedRAMP SaaS, PaaS and IaaS security configurations and implementation. Interface with CSP staff to perform the security assessment activities. Lead and support security control assessments based on FedRAMP requirements, NIST SP 800-53 Rev. 4, NIST SP 800-53A Rev. 4, and NIST 800-37 Rev. 1. Analyze results from vulnerability scanning tools such as Nessus, HP WebInspect, QualysGuard, AppDetective, and Burp Suite. Develop Readiness Assessment Reports (RARs), Security Assessment Plans (SAPs), Security Assessment Reports (SARs), and Plan of Action and Milestone (POA&M) Reports.
Experience: Minimum 6 years of experience and a Bachelor’s degree in Computer Science, Information Technology or a related discipline.
Clearance: TS required
We are GDIT. The people supporting some of the most complex government, defense, and intelligence projects across the country. We deliver. Bringing the expertise needed to understand and advance critical missions. We transform. Shifting the ways clients invest in, integrate, and innovate technology solutions. We ensure today is safe and tomorrow is smarter. We are there. On the ground, beside our clients, in the lab, and everywhere in between. Offering the technology transformations, strategy, and mission services needed to get the job done.
GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.