IS Security Engineer (ISSE), TS/SCI with Polygraph

Information Systems Security Engineering personnel shall support required Assessment and Authorization (A&A) and Continuous Monitoring (ConMon) actions and tasks associated with ensuring compliance with all Risk Management Framework (RMF) requirements in technology diverse, multi-level classification environments.

This includes:

1. Coordinating, developing and maintaining required Body of Evidence (BoE)
2. Tracking and executing RMF actions to obtain / maintain valid authorizations to include:
   • IATT / ATO w/PoAM submissions
   • Stakeholder collaboration
   • Workflow / tracking tool updates
3. Executing all ConMon activities within documented timelines:
   • BoE collection / coordination
   • ConMon tracking tool updates
   • Track Lien remediation / resolution activities
4. Coordinating and collaborating across Technical and Security Services functional areas and agency stakeholders as directed / required
5. Evaluating system change requests and assessing changes to determine system and organizational risk.
6. Providing recommendations for implementation of security controls and, when necessary, counter-measures or mitigating controls.
7. Conducting regular / recurring reviews of system state and security posture to ensure that systems are being operated securely, and information systems security policies and procedures are being implemented as defined in security plans.
8. Responding to all queries and requests for applicable security information and reports.
9. Supporting investigations of computer security violations and incidents, reporting as necessary to management.
10. Researching, evaluating, testing, recommending, communicating and implementing security software or devices.
11. Implementing, enforcing, communicating and supporting development of security policies or plans for data, software applications, hardware, and telecommunications.
12. Developing materials for computer security education/awareness programs.
13. Providing recommendations to stakeholders on information assurance engineering standards, implementation dependencies, and changing information assurance related technologies.
14. Engagement with and use of Enterprise Security Services tool (e.g. HBSS, ACAS, Splunk) and coordination with both Security Services and Cyber Engineering stakeholders for prioritization and remediation actions of vulnerability and compliance deficiencies.

QUALIFICATIONS:

1. Bachelors Degree in Information Systems or Cyber Security (or equivalent experience)
2. Minimum of 4 years of demonstrated related / applicable experience
3. Minimum certification (active and valid 8570 IAM Level I Compliant certification (CAP | CND | Cloud+ | GSLC | Security+ CE | HCISPP)
4. IAM Level II compliance preferred (CAP | CASP+ CE | CISM | CISSP (or Associate) | GSLC | CCISO | HCISPP)
5. Location: On Customer Site
6. US Citizenship Required

GDIT IS YOUR PLACE:

1. 401K with company match
2. Comprehensive health and wellness packages
3. Internal mobility team dedicated to helping you own your career
4. Professional growth opportunities including paid education and certifications
5. Cutting-edge technology you can learn from
6. Rest and recharge with paid vacation and holidays