Information System Security Officer/Engineer (Top Secret Clearance Required)

Clearance Level
Top Secret
Information Security
Quantico, Virginia
Onsite Workplace
REQ#: RQ140612
Public Trust: None
Requisition Type: Regular

Your Impact

Own your opportunity to work alongside federal civilian agencies. Make an impact by providing services that help the government ensure the well-being of U.S. citizens.

Job Description

Duties include documenting appropriately within an RMF system, coordinating with other security personnel, and demonstrating excellent verbal and written communication skills. Prepare documentation from templates, such as the Configuration Management Plan (CMP), Incident Response Plan (IRP), Information System Contingency Plan (ISCP), and Plan of Action and Milestones (POA&M), to ensure compliance. Must be able to identify vulnerabilities and identify resolutions to bring to management. Review vulnerability (patches and updates) and compliance (SCAP, DISA STIG) scans on the infrastructure and applications to ensure patch and configuration compliance. Prepare SAA package(s) to obtain and maintain an authority-to-operate (ATO).

Minimum/General Experience: Three (3) years of experience or more assessing and documenting results for system(s), infrastructure(s) and applications (on-premises and cloud (i.e., AWS GovCloud and/or Azure GovCloud)) against NIST SP 800-53 security controls and SP 800-171 Risk Management Framework (RMF) processes.

Education: Bachelor’s Degree in computer security or a related field of study; Information Security Certification(s) (e.g., CISSP, CAP, etc.) with five (5) years of documented work experience in lieu of education.

Preferred Additional Skills:

  • Experience in a cyber-risk and compliance management system (e.g., Xacta, Risk Vision, etc.).
  • One (1) year experience or more configuring, performing, scheduling, reviewing, and assessing vulnerability (i.e., patches, updates, etc.) and compliance (i.e., Security Content Automation Protocol (SCAP) and/or Defense Information Systems Agency (DISA) Security Technical Implementation Guide (STIG)) scans on the infrastructure and applications to ensure patch and configuration compliance on-premises and in the cloud (AWS preferred).
  • Technical background that will assist in assessing the NIST SP 800-53 security controls and gather evidence to support conclusions.
  • Knowledge of operating systems, network, and application security to aid implementation of information security and assurance principles.
  • Knowledge of SPLUNK software and tools; and Taclane, encryption devices and COMSEC technology.

Travel Required: None

About Our Work

We are GDIT. The people supporting some of the most complex government, defense, and intelligence projects across the country. We deliver. Bringing the expertise needed to understand and advance critical missions. We transform. Shifting the ways clients invest in, integrate, and innovate technology solutions. We ensure today is safe and tomorrow is smarter. We are there. On the ground, beside our clients, in the lab, and everywhere in between. Offering the technology transformations, strategy, and mission services needed to get the job done.

COVID-19 Vaccination

GDIT does not have a vaccination mandate applicable to all employees. To protect the health and safety of its employees and to comply with customer requirements, however, GDIT may require employees in certain positions to be fully vaccinated against COVID-19. Vaccination requirements will depend on the status of the federal contractor mandate and customer site requirements.

GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.