The Cybersecurity Configuration Standards Lead will manage a team of 5 – 6 security configuration engineers and analysts who develop, publish, and maintain the customer’s FISMA required security configuration standards. They will provide oversight, guidance, and technical expertise for evaluating a wide array of new and emerging technologies, and developing recommendations for security configuration baselines. They will be responsible for ensuring the development of security configuration standards based on the U.S. Government Computing Baseline (USGCB) and Defense Information Systems Agency (DISA) Security Technical Implementation Guide (STIG), using the Security Content Automation Protocol (SCAP). New standards are developed to implement Departmental policy, technical security countermeasures, and industry best practices. The Senior Cyber Security Configuration Engineer will also evaluate various technical and policy questions, providing written responses to a wide range of audiences.
The ideal candidate will have extensive knowledge of cyber security principles and best practices. They will have a proven history of working to implement effective cybersecurity policy through policy development and training. They must have a foundational knowledge of a wide array of technologies and their complementary elements. The candidate will also promote awareness of security issues among management and ensure sound security principles are reflected in organizations’ visions and goals. Leading research pertaining to the latest security threat vectors and the latest technological advances in combating unauthorized access to information will be necessary in supporting the client to publish incidents, alerts, advisories, and bulletins. The candidate will ensure that rigorous application of information security/information assurance policies, principles, and practices are implemented in the delivery of all IT services.
US Citizenship and ability to obtain National Security Clearance at the Secret level
Proven experience leading small teams through change
Experience managing workloads and tasks across individual team members
6 – 9 years’ experience analyzing, engineering and implementing IT components including operating systems and applications
3 – 5 years developing and implementing cybersecurity policy, security configuration standards, security templates, and Group Policy Objects (GPOs)
Firm understanding of cloud technologies and cloud security
Firm understanding of security configuration settings for Microsoft Operating Systems (e.g. Windows 7, 8, 10, Server 2008, 2012), Linux (e.g. Red Hat), databases (e.g. SQL Server, Oracle), and/or networking equipment.
2-3 years’ experience engineering/maintain network infrastructure to include routers, switches and Firewall
2-3 years’ experience working with Active Directory and supporting Windows Server on an enterprise level
2-3 years’ experience with configuring/administrating wireless networks
ISC2 Certified Information Systems Security Professional (CISSP), Systems Security Certified Practitioner (SCCP), or equivalent certification
ISC2 Certified Cloud Security Professional (CCSP)
Microsoft Certified IT Professional (MCITP) or equivalent certification
Clearance level required for each position: Interim Secret to start, final Top Secret
Workdays: Monday - Friday
We are GDIT. The people supporting some of the most complex government, defense, and intelligence projects across the country. We deliver. Bringing the expertise needed to understand and advance critical missions. We transform. Shifting the ways clients invest in, integrate, and innovate technology solutions. We ensure today is safe and tomorrow is smarter. We are there. On the ground, beside our clients, in the lab, and everywhere in between. Offering the technology transformations, strategy, and mission services needed to get the job done.
GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.