Information Systems Security Engineer (ISSE) (TS/SCI with Polygraph REQUIRED)

About The Position

Requirements

• Bachelor’s Degree in Computer Science, IT, or a related technical discipline, or the equivalent combination of education, technical training, or work/military experience
• Minimum eight (8) years or relevant degree plus five (5) years of demonstrated cybersecurity expertise
• Ability to work closely with stakeholders, developers, and external teams including customer security managers (ISSMs), ISSO, organizational leadership, and key personnel.
• Identify requirements for documentation associated with system categorization, the System Security Plan, and systems risk assessment as required under NIST 800-53/53A.
• Previous experience completing customer Assessment and Authorization (A&A) process from start to end.
• Assess system compliance with NIST requirements, identifying weaknesses and evaluating planned remedial actions based upon those requirements.
• Support control implementation assessment and reporting and monitoring processes using cyber security and assessment management systems.
• Understanding of perimeter controls (firewalls), access control mechanisms, and network architectures.
• Strong understanding of methodologies for researching and documenting software and hardware vulnerabilities.
• Skilled in cross-team collaboration and effective communication to fulfill specific accreditation requirements.
• Strong verbal and written communication/cooperation within a team context.
• Ability to work within fast-paced customer environments.
• Demonstrated skill documenting processes and procedures in CONOPS, system security, contingency, configuration management and other plans.
• Demonstrated ability to facilitate customer concurrences required for risk-based decisions requiring waivers.
• Experience assisting the customer with decisions impacting the security posture and compliance of their systems and networks with requirements as documented in NIST 800-53 and its revisions.
• Computer Security
• Information Assurance
• Open-Source
• Operating Systems (OS)
• 5 + years of related experience
• US Citizenship Required
• Clearance Level Must Currently Possess: Top Secret SCI + Polygraph
• Clearance Level Must Be Able to Obtain: Top Secret SCI + Polygraph

Nice To Haves

• Knowledge of the customer's organization, their network systems and infrastructure, processes and procedures, and request and approval tools.
• Experienced in scripting/program languages such as Bash, PowerShell, or Python
• Proficient in Linux, Windows, and TCP/IP networking.
• Skilled with and/or demonstrated technical aptitude with vulnerability and risk assessment tools such as Elasticsearch or Splunk SIEMs, Rapid7 Nexpose, and IDS/IPS monitoring and alerting.

Responsibilities

• This position ensures that security is engineered into an information system from design through deployment and operation
• Configure systems securely (OS, network devices, applications)
• Implement and validate security controls
• Provide evidence for Assessment & Authorization (A&A)
• Support continuous monitoring activities
• Support vulnerability scans and remediation
• Ensure secure baseline configurations are applied and maintained
• Support DevSecOps efforts in modern environments
• Assist in developing mitigation strategies
• Contribute to and help maintain: System Security Plan (SSP) Security architecture diagrams POAMs (Plans of Action & Milestones)

Benefits

• Our benefits package for all US-based employees includes a variety of medical plan options, some with Health Savings Accounts, dental plan options, a vision plan, and a 401(k) plan offering the ability to contribute both pre and post-tax dollars up to the IRS annual limits and receive a company match.
• To encourage work/life balance, GDIT offers employees full flex work weeks where possible and a variety of paid time off plans, including vacation, sick and personal time, holidays, paid parental, military, bereavement and jury duty leave.
• To ensure our employees are able to protect their income, other offerings such as short and long-term disability benefits, life, accidental death and dismemberment, personal accident, critical illness and business travel and accident insurance are provided or available.
• We regularly review our Total Rewards package to ensure our offerings are competitive and reflect what our employees have told us they value most.