Cybersecurity Lead

About The Position

Requirements

• Minimum 8-10 years of professional experience in a multi-level cybersecurity environment for complex systems, preferably supporting Space Force, DoD, or IC programs.
• Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or a closely related field.
• Proficiency with Risk Management Framework (RMF) practices.
• Experience achieving Authority to Operate (ATO) on DoD/Space Systems.
• In-depth understanding of CNSSI 1253 controls, DISA STIGs, and DoD directives.
• DoD 8570/8140 IAM Level III (e.g., CISSP, CISM, GSLC).
• Must have an active TS/SCI clearance and be SAP eligible.
• Strong ability to analyze and mitigate system vulnerabilities.
• Experience with cybersecurity monitoring tools (e.g., Nessus, Splunk, SolarWinds).
• Strong leadership and team collaboration abilities.
• US Citizenship Required: Yes

Nice To Haves

• Background with satellite ground systems or space-related programs is highly preferred.
• Experience with SAP environments and requirements
• CEH, GSEC, or equivalent certifications are a plus.
• Master’s degree in Cybersecurity, Systems Engineering, or related fields.
• Experience with Zero Trust Architecture implementation.

Responsibilities

• Develop and Maintain Cybersecurity Strategy: Lead the development and execution of the cybersecurity strategy for satellite ground systems, ensuring compliance with DoD and Space Force policies, including Risk Management Framework (RMF) controls.
• Lead ATO Accreditation Process: Oversee the system’s Authority to Operate (ATO) process, ensuring all documentation, vulnerability assessments, and accreditation packages meet Space Force cybersecurity standards. Maintain a working understanding of eMASS and knowledge of CSRMC (Cybersecurity Risk Management Construct).
• Stakeholder Coordination: Act as the primary point of contact for cybersecurity-related interactions with the customer, including the U.S. Space Force, DISA, and other DoD entities.
• Integrate Cybersecurity into Engineering Lifecycle: Apply DevSecOPs principles of cATO to ensure cybersecurity is embedded throughout system lifecycle processes, including design, development, testing, deployment, and sustainment.
• Threat Analysis and Mitigation: Identify system vulnerabilities, conduct threat risk assessments, and develop and implement mitigation plans to ensure robust system security.
• Incident Response Planning: Develop and maintain incident response plans, preparing the team for cybersecurity threats and breaches.
• Implement Zero Trust Frameworks: Apply Zero Trust principles to protect against unauthorized access across the satellite ground system.
• Security Tools Implementation: Configure and deploy advanced cybersecurity tools and technologies (e.g., SIEM, endpoint protection, vulnerability scanning tools).
• Compliance Audits: Lead teams through external audits and internal compliance reviews, ensuring adherence to all regulatory requirements.
• Mentorship and Training: Provide mentorship and training to junior team members and program staff to increase the understanding of cybersecurity across the organization.

Benefits

• Our benefits package for all US-based employees includes a variety of medical plan options, some with Health Savings Accounts, dental plan options, a vision plan, and a 401(k) plan offering the ability to contribute both pre and post-tax dollars up to the IRS annual limits and receive a company match.
• To encourage work/life balance, GDIT offers employees full flex work weeks where possible and a variety of paid time off plans, including vacation, sick and personal time, holidays, paid parental, military, bereavement and jury duty leave.
• To ensure our employees are able to protect their income, other offerings such as short and long-term disability benefits, life, accidental death and dismemberment, personal accident, critical illness and business travel and accident insurance are provided or available.
• We regularly review our Total Rewards package to ensure our offerings are competitive and reflect what our employees have told us they value most.