Serves as an ISSO supporting the 480th Intelligence, Surveillance, Reconnaissance (ISR) Wing Security Office and the Distributed Common Ground System (DCGS), Technical Operations Center (TOC). Assists in the overall development, implementation, and oversight of the information assurance (IA) program. Participates in the security engineering, validation testing of system configuration/hardening, and assessment of classified information systems (IS). Understands current computer technologies and technical security requirements as applied to the design, development, evaluation, and integration of computer systems and networks to sustain compliance with national and corporate policy as well as best practices. Supports the Certification and Accreditation (C&A) process and develops system security plans (SSPs) under guidance of NISPOM, DIACAP, ICD 503, or replacement guidance as released. Conducts certification test analysis and technical evaluations for vulnerabilities and must possess the ability to recommend and apply security countermeasures to mitigate identified risks. Coordinates with program management and customer counterparts to ensure compliance with national IA/IS security requirements. Provides IA/IS security awareness and training to users of classified systems.
• Validate configuration changes of firewall, switch, and router modifications on a continuous basis. • Generate, collect, store, and retain audit data • Ensure the proper protection of the DPA, DCGS Enterprise, and Information Systems (ISs) • Monitor systems, and their environments of operation, to include developing and updating security plans, managing and controlling changes to the DPA, and assessing the security impact of those changes • Ensure physical and environmental protection measures are executed with appropriate security officials • Ensure hardware, software, and firmware on ISs are operated, maintained, and disposed of IAW security policies, configuration management policies, and procedures as outlined in the security authorization artifacts • Attend required technical and security training (e.g., operating system, networking, security management) relative to assigned duties • Ensure all users have the requisite security clearances, authorization, need-to-know, and are provided security awareness training before granting access to the IS • Report all security-related incidents to the ISSM • Conduct periodic reviews of information systems to ensure compliance with the security authorization artifacts and report finding to Government and Contract program lead(s) • Notify the ISSM, in consultation with 27 IS, 480 ISRW/SC and 480 ISRW/SO, of any changes or modifications to hardware, software, or firmware of a system that might affect system authorization • Monitor system recovery processes to ensure security features and procedures are properly restored and functioning correctly • Ensure all IS security-related documentation is current and accessible to properly authorized individuals • Ensure audit records are collected and reviewed IAW ICS 500-27, Collection and Sharing of Audit Data • Ensure approved procedures are used by personnel for sanitizing and releasing system components and media • Maintain a repository of all security authorizations for ISs applicable to the DPA • Coordinate IS security inspections, tests, and reviews • Ensures proper measures are taken when an IS incident or vulnerability is discovered IAW with governing guidance • Develop and implement an IS security education, training, and awareness program for contractor personnel • Provide input to the Government to develop and update System Security Authorization Agreement (SSAA), and inclusion in the DCGS SSAA or other applicable security accreditation documentation • Coordinate, review, and provide input to CCBs concerning system accreditations (i.e. network drawings, equipment lists, operational procedures, Trusted Facility Manuals (TFMs), Software Version Description Documents (SVDDs), and security procedures) • Prepare all on-site information assurance documentation • Populate the XACTA database with all bodies of evidence to support system accreditation actions • Create Plans-of-Action and Milestones (POA&M) based on Security Assessment Reports (SAR) developed during system accreditation actions • Participate in DCGS security planning sessions and working groups • Oversee account authorization, creation, and management • Be responsible for the day-to-day security accreditation and certification of the systems
Requirements: • TS/SCI
• Minimum of four (4) years’ IA experience • Possess IAT Level II Security + (CE) certification • Maintain a working knowledge of system functions, security policies, technical security safeguards, and operational security measures
We are GDIT. The people supporting some of the most complex government, defense, and intelligence projects across the country. We deliver. Bringing the expertise needed to understand and advance critical missions. We transform. Shifting the ways clients invest in, integrate, and innovate technology solutions. We ensure today is safe and tomorrow is smarter. We are there. On the ground, beside our clients, in the lab, and everywhere in between. Offering the technology transformations, strategy, and mission services needed to get the job done.
GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.