Information System Security Officer

We are GDIT. The people supporting and securing some of the most complex government, defense, and intelligence projects across the country. We ensure today is safe and tomorrow is smarter. Our work has meaning and impact on the world around us, but also on us, and that’s important.

GDIT is your place. You make it your own by embracing autonomy, seizing opportunity, and being rusted to deliver your best every day.

We think. We act. We deliver. There is no challenge we can’t turn into opportunity and our work depends on an Information System Security Officer (ISSO) to support the Centers for Medicare and Medicaid Services (CMS) Center for Consumer Information & Insurance Oversight (CIIO) Customer Relations Management System (CCRMS), supporting customer service efforts related to back-office functions of the ACA and the Marketplace. Work visa sponsorship will not be provided for this role.

At GDIT, people are our differentiator. As an ISSO supporting CCRMS, you will be a part of a security team that supports projects' information security needs and provides advisory services to the project team and client personnel to comply with a federal agency's comprehensive security program and the National Institute of Standards and Technology (NIST) Risk Management Framework (RMF). In this role, a typical day might include:

• Reviewing security documentation including but not limited to system security plan (SSP), risk assessment (RA), contingency plan (CP), privacy impact assessment (PIA), eAuthentication assessment, and FIPS categorization providing recommendations and areas of improvement.

• Providing support for the security life cycle of applications to the project teams and client stakeholders.

• Providing advice and guidance on the implementation of network/system/software security in accordance with mandates and other directives.

• Collaborating with the project team(s) to support security activities.

• Assisting with identifying and mitigating risks.

• Conducting security impact assessments and advises managers and stakeholders of results.

• Assisting software development team to reduce security risks in database application development projects

WHAT YOU'LL NEED TO SUCCEED:

• Bachelor’s degree and 5+ years of directly related experience in Information Security/Assurance. 

• 3+ years of experience with AWS security services.

• Experience with NIST 800 series of Special Publications, disaster/contingency planning, risk assessment, and the NIST Risk Management Framework

• Experience with Information Security practices, networks, software, and hardware, computer programming, operating systems.

• Experience with computer desktop packages such as Microsoft Word, Excel, etc.

• Exceptional communication and interpersonal skills with experience working with all levels of program and client project team members and the ability to establish and maintain a strong customer-focused working relationship.

• Experience developing and maintaining security-related documentation and deliverables, including System Security Plan (SSP), Security Impact Analysis (SIAs), Information System Risk Assessment (ISRA), Privacy Impact Assessment (PIA), and Incident Response Plan (IRA).

• Experience with Security architecture.

• One or more security-related certification, such as CISSP or Security+

• Hands-on experience using JIRA and Confluence.

• Candidate must be able to obtain Public Trust (T4) clearance.

• Candidate must have lived in the United States at least three (3) out of the last five (5) years.

DESIRED QUALIFICATIONS AND EXPERIENCE:

• Salesforce experience.

• Experience supporting the Centers for Medicare and Medicaid Services (CMS) and/or the healthcare industry.

• Experince with CMS Acceptable Risks and Safeguards and CMS Information System Security policies and procedures

• Experience with RSA Archer Assessment and Authorization and DISA Security Technical Implementation Guides

• Hands-on experience wtith end point security and vulnerability scanning tools

• Detail oriented, with strong follow-up skills to ensure completion of tasks (e.g., ability to track failed test cases and ensure that the technical resolution is completed and re-tested).

• Excellent knowledge of industry best practices, trends, and difficulties.

• Ability to work independently and interact regularly with government and non-government stakeholders at multiple levels of authority.

• Works well as a team member in a fast-paced and often time-sensitive environment.

GDIT IS YOUR PLACE
At GDIT, the mission is our purpose, and our people are at the center of everything we do.

• Growth: AI-powered career tool that identifies career steps and learning opportunities

• Support: An internal mobility team focused on helping you achieve your career goals

• Rewards: Comprehensive benefits and wellness packages, 401K with company match, and competitive pay and paid time off

• Community: Award-winning culture of innovation and a military-friendly workplace

OWN YOUR OPPORTUNITY
Explore a career in program management at GDIT and you’ll find endless opportunities to grow alongside colleagues who share your passion for the mission and delivering results.