Information Systems Security Engineer (ISSE)

About The Position

Requirements

• Education: Bachelor of Arts/Bachelor of Science
• Experience: 12+ years of related experience (No Degree- 16 years; Associates- 14 years; Master's- 10 years; Ph.D.- 8 years)
• Technical skills: Knowledge of the National Institute of Standards and Technology (NIST) Risk Management Framework (RMF) and ATO processes.
• Certifications: Hold at least one of the following certifications: Certified Information Systems Security Professional (CISSP) (or Associate), CompTIA Advanced Security Practitioner (CASP) CE, Certified Secure Software Lifecycle Professional (CSSLP), CISSP- Information System Security Engineering Professional (ISSEP), or CISSP- Information System Security Architecture Professional (ISSAP)
• Security clearance level: TS/SCI Eligible
• US citizenship required
• Role requirements: Primarily onsite in DC but some travel may be required

Responsibilities

• Lead, mentor, and supervise a team of security professionals responsible for the end-to-end implementation of the NIST Risk Management Framework (RMF) lifecycle for the Agency IT systems.
• Oversee and coordinate activities within the Prepare step, ensuring roles, responsibilities, and risk management strategies are clearly defined and maintained.
• Guide system categorization efforts to ensure all information systems are appropriately classified based on mission/business impact and regulatory requirements.
• Direct the selection, tailoring, and documentation of security controls aligned with system categorizations, Agency risk appetite, and compliance requirements.
• Oversee the implementation of technical, operational, and management controls throughout system and application lifecycles, with a particular focus on quality and completeness of all deliverables.
• Ensure comprehensive security control assessments are planned, executed, and documented to validate the effectiveness of implemented safeguards.
• Prepare risk management documentation for system authorization and executive decision-making.
• Direct ongoing monitoring and continuous assessment activities, collecting metrics to adjust security strategies and ensure sustained compliance.
• Serve as a principal technical advisor on cybersecurity, bringing subject-matter expertise to risk analysis, incident response, system remediation, and audit support efforts.
• Foster a culture of security awareness, providing technical guidance and training to both team members and stakeholders.
• Track, report, and communicate status, risks, and improvement opportunities related to security engineering activities to leadership and stakeholders.
• Maintain up-to-date knowledge of RMF, NIST guidance, and industry best practices in support of continuous process improvement.
• Advisory and security design role in planned future IT solutions
• Close integration with system technical personnel to build required security configurations (centralized logging, MFA, vulnerability remediation)
• Emphasis on achieving new system ATO in a timely fashion
• Emphasis on closing technical security gaps

Benefits

• Comprehensive benefits and wellness packages, 401K with company match, and competitive pay and paid time off
• AI-powered career tool that identifies career steps and learning opportunities
• An internal mobility team focused on helping you achieve your career goals
• Comprehensive benefits and wellness packages, 401K with company match, and competitive pay and paid time off
• Award-winning culture of innovation and a military-friendly workplace
• Our benefits package for all US-based employees includes a variety of medical plan options, some with Health Savings Accounts, dental plan options, a vision plan, and a 401(k) plan offering the ability to contribute both pre and post-tax dollars up to the IRS annual limits and receive a company match.
• To encourage work/life balance, GDIT offers employees full flex work weeks where possible and a variety of paid time off plans, including vacation, sick and personal time, holidays, paid parental, military, bereavement and jury duty leave.
• To ensure our employees are able to protect their income, other offerings such as short and long-term disability benefits, life, accidental death and dismemberment, personal accident, critical illness and business travel and accident insurance are provided or available.
• We regularly review our Total Rewards package to ensure our offerings are competitive and reflect what our employees have told us they value most.