GDIT is seeking a professional, energetic, and reliable Senior Information Systems Security Manager (ISSM) to join the ARMA-Global Information Technology Security Team. With little supervision, a Senior ISSM will work alongside a team of Engineers and Architects to ensure all related cybersecurity and authorization and accreditation (C&A) activities for all assigned project/systems occur in accordance with DoD 8500 series publications, CJCSI 6510.01, Security Technical Implementation Guides (STIGs), and other applicable governing publications. The successful candidate will be a Cyber Security Team member and team player contributing to policy development and RMF package accreditations for Cloud-based systems supporting national security. The expectation is a Senior ISSM can take an RMF security package for complex systems and services from initiation to ATO award and continue to maintain the package through the system and service lifecycle.
Functional duties Include:
Recommend the way forward based on previous success/experience with packages and speak confidently with senior AFSOC leaders and Approval Authority staff (SCAR, SCA, AOD, AO)
Evaluate configurations, create System Security Plans, Disaster Recovery Plan, Incident Response Plans, and other artifacts as required to facilitate the certification and accreditation of systems
Manage timelines, processes and tasking to achieve success in developing quality products
Assist system engineers and system administrators to comply with the vulnerability management program and secure systems, networks and applications.
Conduct and/or interpret vulnerability scans, analyzing scan findings and providing recommended fix actions to systems personnel to ensure regulatory scanning requirements are satisfied
Prepare, submit, and coordinate DoD Risk Management Framework (RMF) packages for all assigned systems
Evaluate new and existing system designs and recommend technical changes to improve and strengthen security
Staying current on security industry trends, attack techniques, mitigation techniques, security technologies and new and evolving threats to the organization by attending conferences, networking with peers and other education opportunities
Knowledge, Skills and Abilities
5 + years of Cyber Security Development & Engineering experience
3-4 years of systems Risk Management Framework (RMF) related experience
2-3 years of technical experience in systems/network administration or software development
Demonstrated Windows and/or Linux Operating System SysAd or Engineering experience
Experience with eMASS accreditation workflow systems
Experience in Cloud technology is highly desirable
Incident Response or Computer Network Defense experience is highly desirable
Excellent technical writing skills a must
Must have good communication skills and be detail oriented
Self-motivated, shows initiative, and works with minimal direction
Must be able to manage multiple tasks and projects simultaneously
Strong analytical and problem-solving skills and proactive thinking skills
Basic level familiarity with DoD, USAF, USSOCOM, and other Cyber Security Regulatory Compliance bodies
Ability to provide technical support to system and technology owners and communicate effective mitigation and remediation solutions
Proven ability to document and report on processes and procedures
Sense of urgency to address new technologies being deployed: Continuous development of infrastructure and cloud security expertise to function as subject matter expert in multiple technical disciplines
Ability to develop, implement and assess performance metrics of team members
8+ years ISSM experience
Bachelors Degree in Computer Science, Computer Engineering, Math, or an equivalent combination of education and technical experience.
Must have a Secret Clearance to begin work and the ability to obtain a Top Secret-SCI clearance
The work is performed in an office and lab environment
DoD 8570 IAM II Level Certification Required (CISSP, CISM, GSLC, CAP)
(ISC)2 Certified Cloud Security Professional (CCSP) certification desired
ITIL v3 Foundation certification preferred
We are GDIT. The people supporting some of the most complex government, defense, and intelligence projects across the country. We deliver. Bringing the expertise needed to understand and advance critical missions. We transform. Shifting the ways clients invest in, integrate, and innovate technology solutions. We ensure today is safe and tomorrow is smarter. We are there. On the ground, beside our clients, in the lab, and everywhere in between. Offering the technology transformations, strategy, and mission services needed to get the job done.
GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.