REQ#: RQ68036 Information Systems Security Engineer /or/ Cyber Security Engineer - Washington, DC - TS/SCI (Open)
Travel Required: Less than 10%
Requisition Type: Regular
As an ISSE / Cybersecurity Engineer with GDIT be able and ready to perform security control assessments meeting all FISMA requirements related to cybersecurity technical assessments and design tasks on aeronautical and aerospace related systems in accordance with RMF guidance publications, to include NIST SP 800-53 Rev. 4, NIST SP 800-53A, NIST 800-37 Rev.1, and CNSSI 1253/1254, as outlined in DCSA Assessment and Authorization Process Manual (DAAPM) and the Joint SAP Implementation Guide (JSIG). You will interact daily with Air Force program managers and industry subject matter experts across multiple domains (air, space, cyber) to assist the government with technical assessments, strategic planning, and engineering evaluations. This position will be located in the Washington, DC area.
As the Information Systems Security Engineer (ISSE) some of your duties are as follows:
Perform and review technical security assessments of computing environments to identify points of vulnerability, non-compliance with established information assurance (IA) standards and regulations, and recommend mitigation strategies.
Validate and verify system security requirements definitions and analyze and establish system security designs.
Conducting a comprehensive assessment of the management, operational, and technical security controls employed within or inherited by a system to determine the overall effectiveness of the security controls.
Reviewing Risk Assessment Reports (RARs) and provide feedback to ISSMs regarding the completeness of the risk assessment and appropriateness of planned safeguards.
Assessing the severity of any weakness or deficiencies discovered in the system and its environment of operation, and recommending corrective actions to address identified vulnerabilities.
Evaluating threats and vulnerabilities to systems to ascertain the need for additional safeguards.
Reviewing Plans of Actions and Milestones (POA&Ms) to ensure weaknesses are identified, effective / acceptable mitigation strategies are planned, and timelines are acceptable an on track.
Preparing and submitting the final Security Assessment Report (SAR) containing the results and findings from an assessment and a recommended risk-based authorization decision to the Authorizing Official (AO).
Assessing proposed changes to systems, their environment of operation, and mission needs that could affect system authorization.
14+ years of experience with DoD, USAF, and interagency cybersecurity and/or information assurance within the following areas:
Testing NIST SP 800-53 security controls.
Experience with IT audits, including conducting technical security compliance tests and vulnerability assessments.
Experience with conducting security assessment and authorizations or Certification and Accreditation (C&A).
Knowledge of reverse engineering best practices and industry standard methodologies.
DoD, USAF, and interagency information assurance requirements.
DoD, USAF, and interagency security accreditation procedures.
Cyber systems development and sustainment.
Network protection, attack, and exploitation.
Integration and test for DoD & USAF systems.
Current applicable SAP and SCI information assurance requirements (e.g., JSIG, RMF, JAFAN, etc.).
DoD and/or USAF Special Access Programs.
Able to work either independently or in a team to conduct reverse engineering.
The ability to coordinate, brief, and work with Senior DoD officials.
Excellent written and verbal communication skills are required.
Bachelors degree in an IT-related field (e.g., cybersecurity, computer science, computer engineering).
Masters degree in an IT-related field (e.g., cybersecurity, computer science, computer engineering) (DESIRED)
(DoD 8570 compliant) - One or more of the following required:
Certified Information Systems Security Professional (CISSP)
Certified Information Security Manager (CISM)
Cisco Certified Network Engineer (CCNE)
Microsoft Certified Systems Engineer (MCSE).
Certified Ethical hacker (CEH) (Preferred)
TS cleared, SCI/SAP eligible
U.S. Citizenship is required for this position.
We are GDIT. The people supporting some of the most complex government, defense, and intelligence projects across the country. We deliver. Bringing the expertise needed to understand and advance critical missions. We transform. Shifting the ways clients invest in, integrate, and innovate technology solutions. We ensure today is safe and tomorrow is smarter. We are there. On the ground, beside our clients, in the lab, and everywhere in between. Offering the technology transformations, strategy, and mission services needed to get the job done.
GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.