Security Engineer (Automation) - TS/SCI

Clearance Level
Top Secret/SCI
Category
Information Security
Location
Springfield, Virginia

REQ#: RQ66311

Travel Required: Less than 10%
Requisition Type: Regular

GDIT is your place. You make it your own by embracing autonomy, seizing opportunity, and being trusted to deliver your best every day. We think. We act. We deliver. There is no challenge we can't turn into opportunity. And our work depends on TS/SCI level cleared Security Automation Consultant joining our team to support our Intel customer in Springfield, VA or St. Louis, MO.

Position Summary:

General Dynamics Information Systems (GDIT) is seeking a Security Engineer to provide expert technical services on all aspects of Information Security and Automation. Responsible for writing information security body of evidence, as well as documenting and maintaining updates to the baseline image and configuration of each system, draft application service provider security policies, and coordinating and managing all aspects of the Authorization and Assessment process for all systems.  Work across multiple GDIT programs, to advise and assess system design/architecture as well as defining, designing and evaluating information security systems and working with the GDIT automation teams to automate images pushed out to multiple on premise and cloud systems.  Ensuring all control responses are documented in a database and available for all GDIT Information Assurance teams to utilize.  Work with Engineering and Operations teams to verify all documented control responses to hardware and software components supported.  Understand Cloud Infrastructure and how to properly impact cloud security requirements.  Work with Developers to build and obtain authorization on a cloud development instance.  Manage multi-agency information sharing and integration security. Maintain affiliations with high-level personnel at multiple agencies and organizations involved in Information Security. Tasking includes incident response, system access approval, audit log review, Configuration Control Board and daily consultations/consulting on a wide variety of security issues. Report, document and investigate all security related incidents; assist with development and implementation of corrective measures.

Unique/Additional Requirements:

  • Candidate must have knowledge of and experience with ICD 503 and be familiar with Cloud Infrastructure/AWS-based solutions.
  • Candidate must possess IAM II certification to start in accordance with DOD 8570.1M. This position is defined as in 8570.1M chapter 4, pg 35. Candidate is required to understand how our customer's RMF process work and how systems security requirements will be met.
  • Candidate will work with all IT groups to build IT systems with security planned from the start. Work with developers, operations, system engineers, and users  to determine Categorization requirements and be able to draft all required Security Body of Evidence.
  • Understand and be able to identify what group or process will satisfy security requirement.  Utilize this skillset to develop standardized responses to all controls and STIG items.
    • Be the Subject Matter Expert to communicate with Developers, Engineers and Operations teams to verify standardized responses are accurate.
    • Work with automation team to automate all STIG and control responses into one unique database that will streamline and standardized answers across multiple contracts including ISP’s and Activities.
    • Ensure responses are kept updated and accurate by completing timely reviews.
  • Support efforts to operate, maintain, and dispose of information system materials in accordance with security directives, policies and practices and as annotated in Systems Security Plans.
  • Generate and implementation of requisite security training ensuring user security awareness of responsibilities prior to system access.
  • Initiate protective and corrective measures when incident or vulnerabilities are discovered.
  • Ensure IA hardware and software complies with security configuration guides.
  • Implement and enforce IA policies and procedures as defined by A&A documentation.
  • Ensure users are aware of their IA responsibilities.
  • The ability to work on multiple projects/tasks at once and operate in a dynamic, fast-paced, team-oriented environment.
  • Perform Operations & Sustainment (O&S) security functions for multiple mission critical systems.
  • Experience with Cloud Infrastructure/AWS-based technology and Threadfix
  • Experience using security tools such as ACAS, HBSS, Carbon Black, Tanium, RedSeal, and EMET
  • Respond to escalated troubleshooting requests
  • Present Monitoring/Test Results and Reports as required
  • Perform/support integration testing as required
  • Participates in special projects as required.
  • Ability to review Plan of Action and Milestones (POA&Ms) and conduct a technical decomposition categorization, remediation, and lien resolution
  • Execute remediation process to implement technical solutions to address vulnerability findings via ACAS security scan.
  • Experience installing, hardening, deploying, documenting, and troubleshooting network perimeter security technologies including understanding and following required Firewall Change Request processes.
  • Experience and scripting ability on Unix and/or RHEL OS
  • Experienced with complex Microsoft macros, and PowerShell scripts
  • Basic understanding of Windows Enterprise AD architecture and VMWare Virtualization
  • Must be proficient in network routing/vlan technology
  • Forward thinker that can utilize experience and current tools to automate the A&A process.
  • Flexible with the ability to be streamlined across multiple contracts and disciplines.
  • Ability to self-motivate, maintain unclassified network connection, and support several (3-5) days of in office support monthly.

Desired Knowledge, Experience and Skills:

  • Active TS/SCI security clearance
  • Bachelors Degree in Computer Science or a related technical discipline, or the equivalent combination of education, professional training or work experience.
  • 10-15 years of related experience in data security administration.
  • CISSP certification or equivalent (CAP, GSLC, CISM)
  • System administration experience
  • Network engineering experience
  • System design and development experience
    • Defines, plans, designs, and evaluates information security systems. Assesses architecture and current hardware limitations, defines and designs system specifications, input/output processes and working parameters for hardware/software compatibility. Performs a variety of complex tasks associated with information security ranging from the design of security components to complex architectures. Supervise the work of other engineers performing a variety of information security tasks.
We are GDIT. The people supporting some of the most complex government, defense, and intelligence projects across the country. We deliver. Bringing the expertise needed to understand and advance critical missions. We transform. Shifting the ways clients invest in, integrate, and innovate technology solutions. We ensure today is safe and tomorrow is smarter. We are there. On the ground, beside our clients, in the lab, and everywhere in between. Offering the technology transformations, strategy, and mission services needed to get the job done.

GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.