Information Systems Security Manager (ISSM)

Clearance Level
Interim Top Secret
Category
Information Security
Location
Las Vegas, Nevada

REQ#: RQ105884

Travel Required: Less than 10%
Requisition Type: Pipeline

We are GDIT. We support and secure some of the most complex government, defense, and intelligence projects across the country. At GDIT, cybersecurity is not just a singular part of our mission—it connects every one of us because it’s embedded into every aspect of what we do.

GDIT is your place. You make it your own by bringing your ideas and unique perspective to our culture. By owning your opportunity at GDIT, you are helping us ensure today is safe and tomorrow is smarter. Our work depends on an Information Systems Security Manager joining our team to support the Department of Energy’s National Nuclear Security Administration. 

The National Nuclear Security Administration IT Managed Services (NIMS) is an exciting program performing IT support for the Department of Energys organization responsible for enhancing national security through the application of nuclear science by maintaining and enhancing the safety, security, and effectiveness of the US nuclear weapons stockpile.  This support is provided in several locations across the US giving employees great options for geographically diverse work locations.  The primary goal of the program will be to support the NNSA Associate Administrator for Information Management and Chief Information Officer (OCIO) in modernizing its IT and Cybersecurity Infrastructure and transforming current IT and Cybersecurity services to a managed service environment.

At GDIT, people are our differentiator. As an Information Systems Security Manager you will use your knowledge of cyber security policies and technical cyber security protection measures to continually evaluate the security posture of all networks and systems, including making recommendations for implementing new security controls as new threats and vulnerabilities are discovered.

Further responsibilities include:  

  • Establish documents and monitors security programs while overseeing the implementation plans and ensuring compliance with DOE management policies. 
  • Serve as the authorizing officer for all cyber security issues.
  • Conduct periodic scans to verify networks and systems are appropriately baselined with

      tested and approved system and application patches, hotfixes and updates.

  • Create, log, and control all customer requests and transactions for data transfers between systems (e.g. Compact Disks (CD) and other high-capacity media, scanning documents, etc.).

  • Ensure the following activities are required and completed on a periodic basis (e.g. ensuring data is backed up, account management (deactivate unused accounts and validate user access rights), participate in the Systems Development Life Cycle (SDLC).
  • Evaluate all new software and hardware products for potential security flaws and risks.
  • Provide immediate notification of all security-relevant issues, findings and potential risks associated with any Information System (IS).
  • Periodically review and analyze audit logs for system deficiencies and anomalies using audit reduction tools.
  • Prepare, update, and maintain RMF documentation such as, but not limited to, Authorization to Operate (ATO) packages, System Security Plans (SSP), Risk Assessment Reports (RAR), Security Control Traceability Matrixes (SCTM) and Plan of Actions and Milestones (POA&Ms) for all networks and systems.
  • Provide Configuration Management (CM) for IS security software, hardware, firmware and coordinating changes and modifications with the ISSM, SCA and Authorizing Official (AO).
  • Work closely with Security Control Assessors (SCA) to determine effectiveness of current security controls and a path forward to implement future security controls, where potential weaknesses might exist.

WHAT YOU’LL NEED:

  • Bachelor’s degree in a related business or technical discipline, or the equivalent combination of education, technical training, or work/military experience.
  • 8 years of related technical experience.
  • CISSP.
  • DOE Q, L, or TS clearance.

WHAT GDIT CAN OFFER YOU:

  • Full-flex work week.
  • 401K with company match.
  • Internal mobility team dedicated to helping you own your career.
  • Collaborative teams of highly motivated critical thinkers and innovators.
  • Ability to make a real impact on the world around you.

Not sure this job’s the one for you? Check out our other openings at gdit.com/careers.

Do you have a friend or colleague this posting describes? Let them know about the opportunity by clicking “Share.”

This position requires being fully vaccinated against COVID-19 by January 18, 2022 or the start date, if after January 18. Individuals who work in or reside in Florida, Montana, Tennessee, Texas, or work outside of the United States may be excluded from this requirement.

We are GDIT. The people supporting some of the most complex government, defense, and intelligence projects across the country. We deliver. Bringing the expertise needed to understand and advance critical missions. We transform. Shifting the ways clients invest in, integrate, and innovate technology solutions. We ensure today is safe and tomorrow is smarter. We are there. On the ground, beside our clients, in the lab, and everywhere in between. Offering the technology transformations, strategy, and mission services needed to get the job done.

GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.