GDIT is seeking a Security Control Assessor to provide support for the Defense Enterprise Office Solution (DEOS) Cloud Service Offering contract. This position will require the employee to report full-time onsite in Fort Meade, MD or Chantilly, VA.
The Security Control Assessor (SCA) is responsible for preparing and conducting a comprehensive assessment of the management, operational, and technical security controls employed within or inherited by an IS to determine the overall effectiveness of the controls (i.e., the extent to which the controls are implemented correctly, operating as intended, and producing the desired outcome with respect to meeting the security requirements for the system). The SCA also provides an assessment of the severity of weaknesses or deficiencies discovered in the IS and its environment of operation and recommends corrective actions to address identified vulnerabilities.
Additional responsibilities include:
Perform oversight of the development, implementation, and evaluation of IS security program policy.
Perform assessments of ISs, based upon the Risk Management Framework (RMF) methodology, in accordance with NIST SP 800-53.
Advise the Cybersecurity Senior Manager and PMO on any assessment and authorization issues.
Evaluate Authorization packages and make recommendations.
Evaluate IS threats and vulnerabilities to determine whether additional safeguards are required.
Advise the Government concerning the impact levels for Confidentiality, Integrity, and Availability for the information on a system.
Ensure security assessments are completed and results documented and prepare the Security Assessment Report (SAR) for the Authorization boundary.
Initiate a Plan of Action and Milestones (POA&M) with identified weaknesses for each Authorization Boundary assessed, based on findings and recommendations from the SAR.
Evaluate security assessment documentation and provide written recommendations for security authorization to the Government.
Discuss the recommendation for authorization and submit the security authorization package to the AO/DAO.
Evaluate the effectiveness and implementation of Continuous Monitoring Plans.
Active DoD Top Secret clearance.
6 years’ experience.
5+ years progressive enterprise architecture and modeling experience.
Minimum 4 years’ experience in SAP, SCI or Collateral Information Systems (IS) Security and the implementation of regulations identified in the description of duties.
Prior performance in the role of ISSO and ISSM or SCA.
Basic knowledge of networking and cloud devices, topologies, and concepts.
Experience with commercial cloud services.
Ability to thrive in a highly collaborative, fast-paced, growth-focused environment.
Strong communications experience.
Excellent written and verbal communication skills.
Able to report onsite as indicated above.
Experience with AWS, Azure, and/or GCP.
This position requires being fully vaccinated against COVID-19 by January 18, 2022 or the start date, if after January 18. Individuals who work in or reside in Florida, Montana, Tennessee, Texas, or work outside of the United States may be excluded from this requirement.
We are GDIT. The people supporting some of the most complex government, defense, and intelligence projects across the country. We deliver. Bringing the expertise needed to understand and advance critical missions. We transform. Shifting the ways clients invest in, integrate, and innovate technology solutions. We ensure today is safe and tomorrow is smarter. We are there. On the ground, beside our clients, in the lab, and everywhere in between. Offering the technology transformations, strategy, and mission services needed to get the job done.
GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.