NCIS Information Assurance Engineer

Clearance Level
Top Secret
Information Security
Quantico, Virginia

REQ#: RQ69657

Travel Required: None
Public Trust: None
Requisition Type: Regular

Join General Dynamics Information Technology (GDIT) and be a part of the team of men and women that solve some of the world’s most complex technical challenges. The NCIS program is searching for an Information Assurance Engineer to join their team at Quantico, VA.

The Naval Criminal Investigative Service (NCIS) is an organization of over 2,200 personnel of which 700 serve at HQ and the remaining staff serve at offices worldwide. NCIS is the Department of Navy (DON) component with primary responsibility for criminal investigation, law enforcement (LE), counter-terrorism (CT), counterintelligence (CI), and cyber matters.  NCIS not only has primary responsibility for all criminal investigative, CI, CT, and cyber matters within the DON, but it also has exclusive investigative jurisdiction in non-combat matters involving actual, potential, or suspected criminal, terrorism, sabotage, espionage, and subversive activities.

NCIS provides the DON with threat status and warnings associated with terrorist, criminal, cyber, and counterintelligence activity throughout the world.  NCIS is the only DON organization that has the information and responsibility to fuse and analyze the national intelligence and law enforcement information necessary to provide these warnings.  

The Information Technology Directorate (ITD) supports the NCIS core mission areas to investigate and defeat criminal, terrorist, and foreign intelligence threats by planning for and providing services through appropriate use of the people, equipment, technology, and infrastructure resources of the United States Navy and Marine Corps.


  • Designs, develops, engineers, and implements solutions that meet DON security requirements.

  • Responsible for ensuring the integration and implementation of computer system security solutions.

  • Performs risk analyses of computer systems and applications during all phases of the system development life cycle.

  • Identifies test requirements and tools based upon system architectures.

  • Develops, reviews and implements security test plans and procedures.

  • Establishes and satisfies system-wide information security requirements based on analysis of user, policy, regulatory, and resource demands.

  • Supports the Government Cyber security Managers in the development and implementation of cyber security doctrine and policies.

  • Initiates, prepares, processes and monitors DoD Information Assurance Certification and Accreditation (C&A) Process (DIACAP) and Assessment and Authorization (A&A) Risk Management Framework (RMF) packages; ensures existing C&A and A&A packages are maintained in a compliant status; verifies and validates C&A and A&A package requirements and configuration modifications are performed and tested.

  • Manages and maintains C&A and A&A packages using eMASS and XACTA tools.

  • Reviews system engineering documentation, CONOPS, installation and configuration specifications to determine security requirements and to identify security concerns.

  • Prepares briefing slides, status charts and support documentation as presentations for the client.

  • Must have experience with using public key-based technologies for applications.

Basic Qualifications:

  • BS degree; additional years of experience may be considered in lieu of degree

  • 10+ years of experience in the systems security discipline with specific emphasis on Navy Information Assurance practices.

  • Experience in the development of Assessment and Authorization (A&A) and Certification and Accreditation plans (C&A), Host Based Security Systems (HBSS), Assured Compliance Assessment Solution (ACAS) vulnerability scanning.

  • Experience with Enterprise Mission Assurance Support Service (eMASS) tools.

  • Experience preparing, processing, assessing, validating and maintaining DIACAP and RMF packages using eMASS and XACTA tools.

  • Training or experience processing DIACAP to RMF transition packages.

  • Current DoD 8570 - IAT Level II (GSEC, Security+ CE, SSCP, or CCNA-Security)

  • Top Secret clearance is required to start, must be eligible to obtain SCI-level adjudication

Preferred Qualifications:

  • Completed Navy RMF training

  • Basic understanding of cloud computing SaaS, PaaS, and IaaS fundamentals

  • Knowledge in FedRAMP assessment, authorization, cloud broker and the Joint Authorization Board (JAB)

  • Certified as Navy Qualified Validator (Level II or III)

  • Fleet Cyber Command experience

We are GDIT. The people supporting some of the most complex government, defense, and intelligence projects across the country. We deliver. Bringing the expertise needed to understand and advance critical missions. We transform. Shifting the ways clients invest in, integrate, and innovate technology solutions. We ensure today is safe and tomorrow is smarter. We are there. On the ground, beside our clients, in the lab, and everywhere in between. Offering the technology transformations, strategy, and mission services needed to get the job done.

GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.