Information Assurance Specialist / ISSO

Clearance Level
Top Secret
Cyber Security
Durham, North Carolina
Chantilly, Virginia

REQ#: RQ92081

Travel Required: Less than 10%
Requisition Type: Pipeline

GDIT is seeking an Information Assurance Specialist / Information System Security Officer (ISSO) to help support cybersecurity activities for cloud offerings on our milCloud 2.0 contract in the secret classified facility. Due to the nature of the work this role entails, telecommuting is not allowed and will require the employee to report onsite full-time at either our Durham, NC or Chantilly, VA office. 


(1) Relocation assistance will not be provided. If not local to Durham or Chantilly, the candidate must be willing to relocate to the designated area at their own cost.
(2) This position is contingent upon contract funding and tasking.

This Information Assurance Specialist / ISSO position will be to help support the ARC-P and milCloud®2.0 Cyber Security Team. ARC-P is GDIT’s FedRAMP HIGH, JAB authorized, IaaS, cloud environment. While milCloud®2.0 is architected as an ARC-P DoD dedicated region with two availability zones deployed on site at DISA data center locations.


Responsibilities include:

  • Supporting the IA functions of the FedRAMP federal cloud service offering and DOD on-premise cloud service offering by ensuring NIST 800-53 security controls are implemented as outlined in policy, procedures, and sensitive system documentation.

  • Participating in high-level enterprise architecture analysis, evaluation, design, integration, documentation, and development to include security control design and security package

  • Understanding, implementing, documenting, communicating, and assessing NIST 800-53 security controls.

  • Documenting security control implementations and the respective systems, applications, tools, devices, etc. that are part of the comprehensive solution.

  • Identifying the artifacts that demonstrate security controls are implemented as documented.

  • Analyzing security controls and the impact major and/or significant changes would introduce to the environment.

  • Researching remediation options for findings or vulnerabilities identified for security controls.

  • Assessing and/or authorizing systems in accordance with the Risk Management Framework (RMF).

  • Applying high-level business and technical principles and methods to very difficult technical problems to arrive at creative information

  • Recommending, taking action, and documenting the solution to direct the analysis of IA/security control-related issues. 

  • Supporting the IA functions and related security controls for the services deployed above the hypervisor to customers in the DOD on-premise offering.

  • Consulting with customers in the DOD on-premise offering on authorizing their systems through DOD RMF.



  • Must have an active Top Secret clearance, or existing SSBI or T5 background investigation.

  • Bachelors Degree in related field or equivalent experience in lieu of education

  • 8+ years of federal IA experience with direct experience in assessing and/or authorizing systems in accordance with the Risk Management Framework (RMF).

  • Must have previous hands-on ISSO, Assessor, or Continuous Monitoring experience with developing and/or updating information security documentation for NIST 800-53 security controls, including but not limited to information security policy, procedures, system security plans (SSPs), security impact analyses (SIAs), etc.

  • Expertise in understanding, implementing, documenting, communicating, and assessing NIST 800-53 security controls.

  • Willing to report onsite as indicated above


  • IAT Level III certification (CISSP preferred).

  • Experience with the FedRAMP security authorization process, and the FedRAMP Moderate and High Baselines.

  • Experience with the DISA Cloud Computing SRG, and the DoD IL5/IL6 Baselines.

  • Understanding of CNSSI 1253 and related guidance.

  • Experience with federal cloud services and technologies.

  • Experience with coordinating and completing FedRAMP 3PAO assessments.

  • 8+ years of system administration, engineering, security architecture, and/or related technology experience. 

This position requires being fully vaccinated against COVID-19 by December 8, 2021 or the start date, if after December 8.

We are GDIT. The people supporting some of the most complex government, defense, and intelligence projects across the country. We deliver. Bringing the expertise needed to understand and advance critical missions. We transform. Shifting the ways clients invest in, integrate, and innovate technology solutions. We ensure today is safe and tomorrow is smarter. We are there. On the ground, beside our clients, in the lab, and everywhere in between. Offering the technology transformations, strategy, and mission services needed to get the job done.

GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.