JMSC-IP Information Technology (IT) and Cyber Risk Auditor Sr (Alt ISSO) – TS/SCI Required

IT AND CYBER RISK AUDITOR SENIOR
 

Seize your opportunity to make a personal impact as an IT and Cyber Risk Auditor Sr (Alt ISSO) at the Joint Multinational Simulation Center - Indo Pacific, the Pacific’s premier simulation complex. Here, you’ll tailor cutting-edge solutions to the unique requirements of our customer. GDIT is your place to make meaningful contributions to challenging projects and grow a rewarding career.

At GDIT, people are our differentiator. As an IT and Cyber Risk Auditor Sr (Alt ISSO) you will help ensure today is safe and tomorrow is smarter. Our work depends on an IT and Cyber Risk Auditor Sr (Alt ISSO) joining our team to help build and enable the readiness of our Nation's Army in the Pacific!

MEANINGFUL WORK AND PERSONAL IMPACT:

• Lead the architecture and security design of a scalable data and network environment, strengthening high availability, fault tolerance, and security posture across enterprises
• Develop and implement Cyber RMF exercises, integrating control validation, threat scenarios, and assessment procedures to evaluate system compliance and resilience
• Ensure the cybersecurity Risk Management process and appropriate operational security posture is maintained and documented for the USARPAC Type Training Enclaves and USARPAC Training Exercise Network
• In depth knowledge of Information Security Control principles
• Follows DoW Directives and Instructions 8140, 8570-01-M, Army regulations AR 25-2, NIST Special Publications 800-53, 800-39, as well as following guidance from other cyber agencies in USARPAC CSPMO, NETCOM, and CYBERCOM
• Conducts scheduled SCANs of the training enclaves and systems
• Assist with creating RMF products such as plans of action and milestones (POA&M) and STIG checklist and performs continuous monitoring of applied STIGs and patches
• Assist in validation of applied STIGs and patches performed by the SAs and NAs. Updates and documents STIGs in response to vulnerabilities identified during risk assessments, audits, & inspections
• Produces artifacts and trackers, as well as other documents to meet the Security Control Assessment – Validation (SCA-V) requirement to maintain the USARPAC Type ATO
• Maintains and updates records and artifacts into the Enterprise Mission Assurance Support Service (eMASS) system to support and comply with the RMF process
• Assures successful implementation and functionality of security requirements and appropriate IT policies and procedures that are consistent with the organization's mission and goals
• Conducts regular audits to ensure that systems are being operated securely, and information systems security policies and procedures are being implemented as defined in security plans
• Safeguards the network against unauthorized infiltration, modification, destruction, or disclosure.
• May server as a task or team lead; not a people manager
• Performs other duties as required

WHAT YOU’LL NEED TO SUCCEED:

• Education: BS/BA in Cyber Security, Information Security or Computer Science or a related technical discipline, or the equivalent combination of education, technical training, or work experience
• Required Experience: 5+ years of related experience; Military and MTC experience preferred
• Required Technical Skills:
  • Skilled in eMASS
  • Expert knowledge of the SCA-V process and inspection program
  • Expert understanding of NIST, DoW, & Army Cybersecurity & Risk Management Framework policies, directives, instructions, manuals, and best business practices
• Certification: SEC+ is required
• Security Clearance Level: TS/SCI
• Required Skills and Abilities:
  • Appropriate DoW 8570.01-M baseline certifications as an IAT II is required
  • Knowledge of current industry methods for evaluating, implementing, and disseminating IT security assessment, monitoring, detection and remediation tools and procedures utilizing standards-based concepts and capabilities
  • Knowledge of disaster recovery continuity of operations plans
  • Knowledge of enterprise incident response program, roles, and responsibilities
  • Knowledge of network security architecture concepts including topology, protocols, components, and principles
  • Knowledge of server administration and systems engineering theories, concepts, and methods
  • Experience with VMWare and Kali Linux
  • Experience with Solarwinds or similar discovery and analysis tools
  • Experience with vulnerability assessment tools (i.e. Open VAS; Nessus)
  • Advanced knowledge of Network and Cybersecurity Architecture planning and maintenance support
  • Advanced experience in Cybersecurity documentation and auditing tools 
• Location: On Customer Site

GDIT IS YOUR PLACE:

At GDIT, the mission is our purpose, and our people are at the center of everything we do.

• Growth: AI-powered career tool that identifies career steps and learning opportunities
• Support: An internal mobility team focused on helping you achieve your career goals
• Rewards: 401K with company match
• Community: Award-winning culture of innovation and a military-friendly workplace

OWN YOUR OPPORTUNITY

Explore a career in information security at GDIT and you’ll find endless opportunities to grow alongside colleagues who share your passion for the mission and delivering results.

#GDITArmy

#GDITRecruiting

#DefenseOCONUS