Information Assurance Officer/ISSO: TS/SCI with Poly Required

Clearance Level
Top Secret SCI + Polygraph
Category
Information Security
Location
Herndon, Virginia

REQ#: RQ66228

Travel Required: None
Requisition Type: Regular

Monitor and analyze Intrusion Detection Systems (IDS) to identify security issues for remediation.

Recognizes potential, successful, and unsuccessful intrusion attempts and compromises thorough reviews and analyses of relevant event detail and summary information.

Evaluate firewall change requests and assess organizational risk.

Communicates alerts to agencies regarding intrusions and compromises to their network infrastructure, applications and operating systems.

Assists with implementation of counter-measures or mitigating controls.

Conducts regular audits to ensure that systems are being operated securely, and information systems security policies and procedures are being implemented as defined in security plans.

Develops, tests, and operates firewalls, intrusion detection systems, enterprise antivirus systems and software deployment tools.

Safeguards the network against unauthorized infiltration, modification, destruction or disclosure.

Researches, evaluates, tests, recommends, communicates and implements new security software or devices.

Conducts investigations of computer security violations and incidents, reporting as necessary to management.

Researches, evaluates, tests, recommends, communicates and implements new security software or devices.

Implements, enforces, communicates and develops security policies or plans for data, software applications, hardware, telecommunications and information systems security education/awareness programs.

Ensures the integrity and protection of networks, systems, and applications by technical enforcement of organizational security policies, through monitoring of vulnerability scanning devices.

Performs periodic and on-demand system audits and vulnerability assessments, including user accounts, application access, file system and external Web integrity scans to determine compliance.

Prepares incident reports of analysis methodology and results.

Ensure compliance with regulations and privacy laws.

Provides guidance and leadership to less-experienced team members.

DESIRED QUALIFICATIONS: BA/BS (or equivalent experience), 5+ years of experience

Program Specific Requirements:

Required :

Performs audit log analysis, report generation and brief findings to GCI Management
In coordination with GCI Management, develops information system security policies, CONOPS, guides, etc.
Conducts and/or Coordinates security investigations of all suspected computer security violations, incidents, and compromises in accordance with GCI’s incident response program
Responsible for Information Assurance (IA) processes, procedures, and compliance for all assigned Information Systems (IS)
Conducts security audits and ensures that audit trails are reviewed and audit records archived in accordance with GCI and Customer security requirements
Ensures IS are operated, used, maintained and disposed of appropriately in accordance with GCI and/or Customer security procedures, directives, guidelines, regulations, and policies.
Develops and maintains system security documentation such as Security Plans, Security Operating Procedures, CONOPS, etc., in coordination with the IAM and Information System Security Manager (ISSM)
Conducts periodic reviews, self-inspections, and/or assessments to ensure IS(s) meet GCI and Customer security requirements as well as during A&A activities.
Conducts user training and awareness activities under the direction of the GCI IAM, ISSM, or Customer Security
Conducts and/or Coordinates security investigations of all suspected computer security violations, incidents, and compromises as directed by the ISSM, IAM, or Customer Security Representatives
Participate in self-assessment of system safeguards and program elements and in assessment and authorization of the system
Ensures Configuration Management (CM) for IS software and hardware is maintained and documented
Serves as member of the Configuration Management Board for system(s) for which they are responsible
Coordinates/obtains approval from GCI and/or Customer Security representatives for the procurement of software, hardware, and firmware for use on assigned IS(s)
Possess a working knowledge of industry best practices for Information Assurance as well as applicable information security documents such as ICD 503, Risk Management Framework (RMF), NISPOM, and NIST
Candidate must be a self-starter that is mission focused and able to work in a dynamic work environment with a diverse set of personalities
Strong documentation, analysis, and oral/written communications skills
Security+ Certification
2 or more years of System Administration or Network Administration experience
2 or more years of IA/INFOSEC experience

Desired :

CISSP Certification
Network+ Certification
IT Certifications from Microsoft, Linux, and Cisco
5 or more years of IA experience

We are GDIT. The people supporting some of the most complex government, defense, and intelligence projects across the country. We deliver. Bringing the expertise needed to understand and advance critical missions. We transform. Shifting the ways clients invest in, integrate, and innovate technology solutions. We ensure today is safe and tomorrow is smarter. We are there. On the ground, beside our clients, in the lab, and everywhere in between. Offering the technology transformations, strategy, and mission services needed to get the job done.

GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.