Security Engineer (CDC Cloud)

Clearance Level
None
Category
Cyber Security
Location
Atlanta, Georgia

REQ#: RQ66806

Travel Required: None
Public Trust: NACI (T1)
Requisition Type: Regular

GDIT has an opportunity for an experienced information technology expert in Atlanta, GA to join our team supporting Centers for Disease Control and Prevention (CDC)  Office of the Chief Information Officer (OCIO). In this role you will provide cyber security support for the operational support, build-out, and day-to-day maintenance, of the existing CDC cloud infrastructure and related enterprise core services, and, to accelerate and mature the process of migrating CDC products and workloads. This is an exciting opportunity for a cyber security consultant to assist GDIT in establishing a series of shared services managed by a centralized Cloud Services Team comprised of contractor resources working with CDC’s IT project teams, on-premises network and infrastructure management teams, and security accreditation and compliance team to promote and support building an enterprise cloud platform, operating them, and working with IT project teams to migrate and host systems and datasets there. The Cloud Services Team will support CDC and its programs adopt cloud services and operate enterprise cloud solutions. 

The candidate will be required to independently develop a variety of Security Authorization deliverables including: System Security Plans, Security Assessment Reports, Risk Assessment Reports, Privacy Impact Assessments, Annual Assessments, Contingency Plans, FIPS 199 Security Categorizations, etc.  The incumbent will be required to analyze existing processes and procedures to determine areas of possible improvement that will lead to gains in efficiency and security.  Activities will include coordination of plans of actions and milestones (POA&Ms) so they are completed timely and submitted as required.  The candidate will consult and advise on information security issues and participate in security incident response efforts as required.  These activities will be conducted in the context of a fast paced and dynamic scientific computing operational unit that provides shared services broadly to all national centers under OID.  The incumbent will be required to work with key stakeholders to enable compliance as required while providing the flexibility required to enable a robust scientific computing environment.

Responsibilities:

  • Provide Federal Information Security Management Act (FISMA) and Office of Management and Budget (OMB) guidance and support
  • Support Information System Security Officer (ISSO)
  • Support the analysis and review of information security programs and systems to ensure compliance to federal security policies.
  • Independently develop a variety of Security Authorization deliverables including: System Security Plans, Security Assessment Reports, Risk Assessment Reports, Privacy Impact Assessments, Annual Assessments, Contingency Plans, FIPS 199 Security Categorizations, Plan of Action and Milestones (POA&M), etc.
  • Analyze and review existing processes and procedures to determine areas of possible improvement that will lead to gains in efficiency and security.
  • Provide guidance on security threats, technology, standards, and practices.
  • Develop, review and monitor compliance with organizational security policies.
  • Monitor, track and report on the status of POA&M items.
  • Proactively manage risks, and systematically resolve or escalate issues in a timely manner.

Requirements:

  • 5+ years of work experience in IT in one or more areas of infrastructure, systems management, operations, or security
  • 4+ years of experience in Information Assurance (IA), Information Security (InfoSec)
  • 2+ years of experience auditing under FISMA requirements   
  • Working knowledge of system and network security engineering best practices, operating systems and application auditing.
  • Thorough understanding of the NIST risk management framework and related industry best practices.
  • Broad background in information assurance (IA) activities required to facilitate and coordinate IA activities for a project to obtain an Authorization to Operate (ATO)
  • Strong written and verbal communication skills
  • Must possess or be able to obtain a civilian government Public Trust Level 5
  • Previous experience working in cloud environment

Preferred

  • 3+ years experience with CDC Security processes and procedures
  • Security Certifications: CISSP, GIAC, CISA, CISM
  • Experience with IBM Rational Appscan and Tenable Nessus

For more than 50 years, General Dynamics Information Technology has served as a trusted provider of information technology, systems engineering, training, and professional services to customers across federal, state, and local governments, and in the commercial sector. Over 40,000 GDIT professionals deliver enterprise solutions, manage mission-critical IT programs, and provide mission support services worldwide. GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.

We are GDIT. The people supporting some of the most complex government, defense, and intelligence projects across the country. We deliver. Bringing the expertise needed to understand and advance critical missions. We transform. Shifting the ways clients invest in, integrate, and innovate technology solutions. We ensure today is safe and tomorrow is smarter. We are there. On the ground, beside our clients, in the lab, and everywhere in between. Offering the technology transformations, strategy, and mission services needed to get the job done.

GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.