Cyber Compliance Officer

Clearance Level
Secret
Category
Cyber Security
Location
Falls Church, Virginia
Hybrid Workplace
Key Skills For Success

Compliance Requirements

Cybersecurity

Cybersecurity Risk Management

IT Compliance Management

RMF

REQ#: RQ170843
Requisition Type: Regular
Your Impact

Own your opportunity to work with the largest government agency in the nation. Make an impact by advancing the Department of Defense’s mission to keep our country safe and secure.

Job Description

Position Description - Cyber Compliance Officer

Program - Guard Enterprise Cyber Operations Support (GECOS)

We are GDIT. We stay at the forefront of innovation to solve complex technical challenges.

GDIT is your place. Make it your own by discovering new ways to apply the latest technologies securely and expertly. Own your opportunity at GDIT and you’ll be a meaningful part of improving how agencies operate. Our work depends on a Cyber Compliance Officer joining our team to support Guard Enterprise Cyber Operations Support (GECOS) program in Falls Church, VA.

At GDIT, we foster a people-centric environment. As a Cyber Compliance Officer, you will support compliance through performing security services in accordance with applicable DoD and Army cybersecurity guidance and regulations.

This is an IT Service Management contract in support of the operation, modernization, expansion, and further evolution of the ARNG’s global Information Technology (IT) services including networking, compute, storage, infrastructure, applications, hosting, and program management services.  The GECOS program supports the ARNG enterprise IT infrastructure, its Wide Area Network (WAN), authentication and directory services, cybersecurity, application hosting, and associated services. GECOS uses ITIL best practices framework as the basis for IT Service Management (ITSM) model.

To be successful in this position you need to be collaborative and willing to work within a team. While you will need to be a self-starter completing tasks on your own, working together is critical in this role. You will be interfacing with the client and senior staff. Therefore, you should be articulate in your communications because your opinion matters. You will need to explain technical intricacies in a way that is easily understood.

The work includes the following:

  • Providing RMF support to the 54 supported organizations (i.e., 50 states, three territories, and the District of Columbia) Installation Campus Area Networks (ICANs) and HQ Enterprise investments where applicable. This support includes eMASS system record reviews.
  • Provide RMF SME support to the 54 in the form of customer training and briefs, managing multiple states simultaneously and briefing the Program Information System Security Manager (P-ISSM) on progress, hurdles, and roadblocks as they arise.
  • Providing RMF Support to the 54 for Steps 0 – 3, 5 & 6:
    • Step 0 – providing customer(s) with RMF SME Roles & Responsibilities training.
    • Step 1 – Providing customers with guidance on how to execute the categorization of their system / ICAN
    • Step 2 – Providing customers with guidance on how to choose the security control baseline for their system / ICAN
    • Step 3 – Providing customers guidance on how to conduct security control implementation and delegating technology areas in eMASS
    • Step 5 – Supporting submission of ATO package artifacts to the Authorizing Official for ATO / risk recommendations
    • Step 6 – Support customer in enabling strategies and following guidance to execute continuous monitoring (ConMon) responsibilities.
  • Maintaining Supporting cybersecurity compliance requirement identification to follow regulatory guidance for IT investments of the 54 and the DoDIN-A(NG) and DoDIN-A(NG)-S networks and computing services.
  • Ensure the 54 are adhering to all Department of Defense (DoD) enterprise security requirements to include those required by the Defense Information Systems Agency (DISA) and the Department of the Army (DA); prepping for and passing Command Cyber Readiness Inspections (CCRIs), obtaining and maintaining Authority to Connect (ATC) and Authority to Operate (ATO) from the Designated Approving Authority (DAA); ensuring compliance with all Secure Technical Implementation Guides (STIGS) and required information assurance (IA) controls.
  • Ensuring that the 54 comply with Army directives and mandates and are in keeping with the future Joint Information Environment (JIE) architecture.

The Cyber Compliance Officer will:

  • Measures ARNG compliance with cybersecurity requirements and recommends cybersecurity program operational execution activities, processes, and practices.
  • Assists the Government with ensuring the secure configuration and preparation for approval of IT below the system level in the form of Software Assurance across the 54 and in coordination with the RCC-NG in accordance with applicable guidance prior to acceptance into, or connection to, an Army IS and the DoDIN-A(NG).
  • Support & maintain an Accreditations and Expiration Dates Record on upcoming expiration of accreditations in addition to RMF-related tasks with an annual and six-month time horizon using RMF Work Management SharePoint tracking tool.
  • Ensure cybersecurity inspections, tests, assessments, and reviews are synchronized and coordinated with all stakeholders.
  • Assists in the implementation, management, and administration of the organization’s structure and workflow within eMASS.
  • Conduct reviews of cybersecurity information papers and plans with CYBERCOM, ARCYBER, Air National Guard Cyber, National Security Agency (NSA), Federal Bureau of Investigations (FBI), Department of Justice (DOJ), and Department of Homeland Security (DHS).
  • Assists in the enforcement of the DoD Cyberspace Workforce Framework (DCWF) and cybersecurity certification program to ensure training and certification requirements are enforced, managed, and reported.
  • Assists ARNG with the implementation of a documented and streamlined process for reviewing, processing, and approving systems access requests to eMASS in support of the RMF.
  • Assists in examining the security architecture and vulnerabilities of systems in cooperation with system owners and administrators through security scans, examinations of system configurations, reviews of system design documentation, and interviews.
  • Support the identification, dissemination and delivery of approved policy and process documentation in support of system(s) authorization efforts through DoD, Army and NIST guidance.

WHAT YOU’LL NEED:

Education/Equivalent Training Required:

  • Bachelor’s degree in cybersecurity, information assurance, computer science or a related technical discipline, or the equivalent combination of education, technical certifications or training, or work experience.

Required Experience:

  • 4-6 years of overall demonstrated experience in cybersecurity, information assurance or computer science (RMF 0-6 step experience a must).

Required Technical Skills Requirements:

  • Excellent problem solving, analytical, and decision-making capabilities, including understanding user requirements, troubleshooting technical issues, successfully resolving issues and challenges, and developing creative solutions for process improvement.
  • Dependability, in that the individual is consistently at work and on time, follows instructions, responds to management direction, and solicits feedback to improve.
  • Must have customer service experience as this position will require candidate to engage with senior military and government leadership. 
  • Must be able to present your ideas clearly through briefings, meetings and interaction with leadership of different skill sets.
  • Must be able to provide training sessions as required.
  • Must be able to engage with stakeholders to ensure tasks are progressing and meeting timelines.
  • Excellent communication skills
  • Excellent documentation skills
  • Strong organizational and collaborative skills
  • Strong teamwork and engagement as a project team member.
  • Ability to assimilate information rapidly, motivated to self-study new requirements.
  • Maintain current industry knowledge of relevant concepts, practices, and procedures.
  • Ability to work under time constraints.
  • Adapt to changes in requirements and new projects.
  • Maintain and upgrade certifications.
  • Other duties may be assigned, directed, or requested.

Certification Requirements:

  • Must meet DoD 8570 compliance IAM-I certification (i.e., Security+ CE).  Must be current, and a copy must be included with resume.
  • Will need to obtain an additional certification within one year to include one of the following CGRC, CISM, CISSP (or Associate). 

Security Clearance Level Requirements:

  • Must have a minimum of an active Secret clearance at time of interview and candidate must maintain active clearance.

Location:

  • Falls Church, Virginia
  • Hours and onsite/remote days TBD upon hire.  May require occasional shift in work schedule to cover tasking.
  • Requires on-site support for first 3 months and if performance is good, telework can be considered part time, but no more than 2 day a week.  Could change to full time on site on direction by the government.

Travel:

  • Up to 10%.  Travel may include attending conferences up to two times annually and site visits to the 54 up to eight times annually. 

GDIT IS YOUR PLACE:
● 401K with company match
● Comprehensive health and wellness packages
● Internal mobility team dedicated to helping you own your career
● Professional growth opportunities including paid education and certifications
● Cutting-edge technology you can learn from
● Rest and recharge with paid vacation and holidays

#GECOS #GDITArmy

Work Requirements
Years of Experience

5 + years of related experience

* may vary based on technical training, certification(s), or degree

Certification

CompTIA - Security+ - CompTIA

CISSP: Certified Information Systems Security Professional - ISC²

CGRC � Governance, Risk and Compliance Certification - ISC2

Travel Required

Less than 10%

Citizenship

U.S. Citizenship Required

About Our Work

We are GDIT. A global technology and professional services company that delivers consulting, technology and mission services to every major agency across the U.S. government, defense and intelligence community. Our 30,000 experts extract the power of technology to create immediate value and deliver solutions at the edge of innovation. We operate across 30 countries worldwide, offering leading capabilities in digital modernization, AI/ML, Cloud, Cyber and application development. Together with our clients, we strive to create a safer, smarter world by harnessing the power of deep expertise and advanced technology.

GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.