GDIT is seeking an Cybersecurity Analyst/ISSO Support to help our milCloud 2.0 contract and work in Durham, NC.
This Cybersecurity Analyst/ISSO position will be to help support the ARC-P and milCloud®2.0 Cyber Security Team at the Research Triangle Park location in Raleigh/Durham, NC. ARC-P is GDIT’s FedRAMP HIGH, JAB authorized, IaaS, cloud environment. While milCloud®2.0 is architected as an ARC-P DoD dedicated region with two availability zones deployed on site at DISA data center locations.
Responsibilities include: • Supporting the IA functions of the FedRAMP federal cloud service offering and DOD on-premise cloud service offering by ensuring NIST 800-53 security controls are implemented as outlined in policy, procedures, and sensitive system documentation. • Participating in high-level enterprise architecture analysis, evaluation, design, integration, documentation, and development to include security control design and security package development/documentation. • Understanding, implementing, documenting, communicating, and assessing NIST 800-53 security controls. • Documenting security control implementations and the respective systems, applications, tools, devices, etc. that are part of the comprehensive solution. • Identifying the artifacts that demonstrate security controls are implemented as documented. • Analyzing security controls and the impact major and/or significant changes would introduce to the environment. • Researching remediation options for findings or vulnerabilities identified for security controls. • Assessing and/or authorizing systems in accordance with the Risk Management Framework (RMF). • Applying high-level business and technical principles and methods to very difficult technical problems to arrive at creative information assurance/engineering solutions that are in alignment with security control requirements. • Recommending, taking action, and documenting the solution to direct the analysis of IA/security control-related issues. • Supporting the IA functions and related security controls for the services deployed above the hypervisor to customers in the DOD on-premise offering. • Consulting with customers in the DOD on-premise offering on authorizing their systems through DOD RMF.
REQUIRED SKILLS: • Must have an active Top Secret clearance, or existing SSBI or T5 background investigation. • Bachelors Degree or equivelant work experience • Must have previous hands-on ISSO, Assessor, or Continuous Monitoring experience with developing and/or updating information security documentation for NIST 800-53 security controls, including but not limited to information security policy, procedures, system security plans (SSPs), security impact analyses (SIAs), etc. • Expertise in understanding, implementing, documenting, communicating, and assessing NIST 800-53 security controls. • 2+ years of federal IA experience with direct experience in assessing and/or authorizing systems in accordance with the Risk Management Framework (RMF).
DESIRED SKILLS: • IAT Level III certification (CISSP preferred). • Experience with the FedRAMP security authorization process, and the FedRAMP Moderate and High Baselines. • Experience with the DISA Cloud Computing SRG, and the DoD IL5/IL6 Baselines. • Understanding of CNSSI 1253 and related guidance. • Experience with federal cloud services and technologies. • Experience with coordinating and completing FedRAMP 3PAO assessments. • 2+ years of system administration, engineering, security architecture, and/or related technology experience.
We are GDIT. The people supporting some of the most complex government, defense, and intelligence projects across the country. We deliver. Bringing the expertise needed to understand and advance critical missions. We transform. Shifting the ways clients invest in, integrate, and innovate technology solutions. We ensure today is safe and tomorrow is smarter. We are there. On the ground, beside our clients, in the lab, and everywhere in between. Offering the technology transformations, strategy, and mission services needed to get the job done.
GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.