ISSO TS/SCI with Poly Required

Clearance Level
Top Secret SCI + Polygraph
Category
Information Security
Location
Herndon, Virginia

REQ#: RQ111603

Travel Required: None
Requisition Type: Regular

We are GDIT. We support and secure some of the most complex government, defense, and intelligence projects across the country. At GDIT, information security is not just a singular part of our mission—it connects every one of us because it’s embedded into every aspect of what we do. GDIT is your place. You make it your own by bringing your ideas and unique perspective to our culture. By owning your opportunity at GDIT, you are helping us ensure today is safe and tomorrow is smarter.

At GDIT, people are our differentiator. As an ISSO, a typical day will include:

·Monitor and analyze Intrusion Detection Systems (IDS) to identify security issues for remediation.

·Recognizes potential, successful, and unsuccessful intrusion attempts and compromises thorough reviews and analyses of relevant event detail and summary information.

·Evaluate firewall change requests and assess organizational risk.

·Communicates alerts to agencies regarding intrusions and compromises to their network infrastructure, applications and operating systems.

·Assists with implementation of counter-measures or mitigating controls.

·Conducts regular audits to ensure that systems are being operated securely, and information systems security policies and procedures are being implemented as defined in security plans.

·Develops, tests, and operates firewalls, intrusion detection systems, enterprise antivirus systems and software deployment tools.

·Safeguards the network against unauthorized infiltration, modification, destruction or disclosure.

·Researches, evaluates, tests, recommends, communicates and implements new security software or devices.

·Conducts investigations of computer security violations and incidents, reporting as necessary to management.

·Researches, evaluates, tests, recommends, communicates and implements new security software or devices.

·Implements, enforces, communicates and develops security policies or plans for data, software applications, hardware, telecommunications and information systems security education/awareness programs.

·Ensures the integrity and protection of networks, systems, and applications by technical enforcement of organizational security policies, through monitoring of vulnerability scanning devices.

·Performs periodic and on-demand system audits and vulnerability assessments, including user accounts, application access, file system and external Web integrity scans to determine compliance.

·Prepares incident reports of analysis methodology and results.

·Ensure compliance with regulations and privacy laws.

·Provides guidance and leadership to less-experienced team members.

Required :

·Active TS/SCI w/Poly

·BA/BS (or equivalent experience), 2+ years of experience OR equivalent combination of experience and education

·Performs audit log analysis, report generation and brief findings to Management

·In coordination with GCI Management, develops information system security policies, CONOPS, guides, etc.

·Conducts and/or Coordinates security investigations of all suspected computer security violations, incidents, and compromises in accordance with GCI’s incident response program

·Responsible for Information Assurance (IA) processes, procedures, and compliance for all assigned Information Systems (IS)

·Conducts security audits and ensures that audit trails are reviewed and audit records archived in accordance with and Customer security requirements

·Ensures IS are operated, used, maintained and disposed of appropriately in accordance with GCI and/or Customer security procedures, directives, guidelines, regulations, and policies.

·Develops and maintains system security documentation such as Security Plans, Security Operating Procedures, CONOPS, etc., in coordination with the IAM and Information System Security Manager (ISSM)

·Conducts periodic reviews, self-inspections, and/or assessments to ensure IS(s) meet GCI and Customer security requirements as well as during A&A activities.

·Conducts user training and awareness activities under the direction of the IAM, ISSM, or Customer Security

·Conducts and/or Coordinates security investigations of all suspected computer security violations, incidents, and compromises as directed by the ISSM, IAM, or Customer Security Representatives

·Participate in self-assessment of system safeguards and program elements and in assessment and authorization of the system

·Ensures Configuration Management (CM) for IS software and hardware is maintained and documented

·Serves as member of the Configuration Management Board for system(s) for which they are responsible

·Coordinates/obtains approval from GCI and/or Customer Security representatives for the procurement of software, hardware, and firmware for use on assigned IS(s)

·Possess a working knowledge of industry best practices for Information Assurance as well as applicable information security documents such as ICD 503, Risk Management Framework (RMF), NISPOM, and NIST

·Candidate must be a self-starter that is mission focused and able to work in a dynamic work environment with a diverse set of personalities

·Strong documentation, analysis, and oral/written communications skills

·Security+ Certification

·2 or more years of System Administration or Network Administration experience

·2 or more years of IA/INFOSEC experience

Desired :

·CISSP Certification

·Network+ Certification

·IT Certifications from Microsoft, Linux, and Cisco

·2 or more years of IA experience

#CJPOST


About Our Work

We are GDIT. The people supporting some of the most complex government, defense, and intelligence projects across the country. We deliver. Bringing the expertise needed to understand and advance critical missions. We transform. Shifting the ways clients invest in, integrate, and innovate technology solutions. We ensure today is safe and tomorrow is smarter. We are there. On the ground, beside our clients, in the lab, and everywhere in between. Offering the technology transformations, strategy, and mission services needed to get the job done.

COVID-19 Vaccination

GDIT does not have a vaccination mandate applicable to all employees. To protect the health and safety of its employees and to comply with customer requirements, however, GDIT may require employees in certain positions to be fully vaccinated against COVID-19. Vaccination requirements will depend on the status of the federal contractor mandate and customer site requirements.

GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.