Lead Information System Security Officer (ISSO) GDIT is seeking a highly skilled and multi-faceted Lead Information System Security Officer (ISSO) for a critical contract role supporting this commercial Cloud Service Provider's mission-critical systems in our McLean, VA office. The ideal candidate is a proactive and seasoned professional with extensive, hands-on experience navigating the FedRAMP, DOD Impact Level 6 (IL6), and Risk Management Framework (RMF) requirements for classified commercial cloud services and cross domain solutions. This role requires a unique blend of technical engineering prowess, security assessment and auditing skills, deep expertise in continuous monitoring, and the polish to communicate risk to executive leadership. You will be a key contributor to our Governance, Risk, and Compliance (GRC) program, supporting the Information System Security Manager (ISSM) in ensuring the unyielding security and integrity of mission-critical systems. The Lead ISSO will be directly responsible for the following key areas: 1. RMF & Assessment and Authorization (A&A) Lead A&A Execution: Shepherd complex cloud service offerings, and Cross Domain Solutions (CDS) as needed, through the entire respective FedRAMP/DOD IL6 and RMF lifecycle to obtain and maintain the applicable authorizations. This includes classified accreditations adhering to regulations like Raise the Bar (RTB) for CDS systems. Documentation Mastery: Develop, author, and maintain a comprehensive body of evidence for A&A packages. This includes the FedRAMP/DOD IL6 authorization package and appendices, the DOD CDS authorization package requirements, and the IC joint test team authorization package requirements. Continuous Monitoring & POAM Management: Take full ownership of the monthly and overall FedRAMP/DOD IL6, DOD CDS, and IC Continuous Monitoring requirements. Compliance & Policy Adherence: Act as the primary technical interpreter of security requirements/controls, ensuring all network solutions and system architectures strictly adhere to mandates such as ICD 503, NIST SP 800-53, CNSSI 1253, and all applicable DISA STIGs and SRGs. 2. Security Engineering & System Hardening Technical Security Integration: Review system designs, network architectures, and proposed changes to ensure security principles are integrated from the ground up. System Hardening & Configuration: Work with security engineering to implement and validate security controls, to ensure STIGs applied to operating systems, network devices, and applications. Vulnerability Management: Work with security engineering to proactively identify and assess vulnerabilities using tools like Tenable Nessus. Work with system administrators to prioritize and track remediation efforts, ensuring compliance with established timelines. Network Security & Architecture Review: Conduct in-depth firewall rule reviews, analyze network architecture for security flaws, and manage Ports, Protocols, and Services Management (PPSM) submissions in alignment with Continuous Monitoring activities. 3. Security Control Assessor (SCA) & Auditing Security Audits & Inspections: Conduct comprehensive security control audits, traditional security reviews, and formal inspections, including preparing for and executing FedRAMP/IL6 third-party assessment organization (3PAO) assessments, DOD CDS assessments, and IC assessments. (Potential to support DCSA classified space assessments.) Artifact & Evidence Review: Meticulously review artifacts, logs, and system configurations to ensure they provide sufficient evidence of compliance. Audit the work of ISSEs and system administrators to verify documentation and security posture. Penetration Testing & Validation: Coordinate and/or participate in security testing and penetration testing activities to provide an independent validation of the system's security posture. 4. Continuous Monitoring & GRC Develop & Manage ConMon Strategy: Design, implement, and manage a robust continuous monitoring program that provides near real-time insight into the security posture of all accredited systems. Security Data Analysis: Leverage tools like Splunk, Grafana, eMASS, Xacta, and ServiceNow to aggregate, analyze, and report on security data. Identify trends, anomalies, and potential incidents, providing actionable intelligence to the ISSM and leadership. Risk Management: Perform formal risk assessments and analysis, identifying and documenting potential threats and vulnerabilities and recommending mitigating controls. Incident Response Support: Enable the ISSM and the incident response team with artifacts, providing in-depth system knowledge and security expertise during incident handling and analysis.