Information Systems Security Officer (ISSO) (TS/SCI with Poly Required)
General Dynamics Information Technology
Req ID: RQ186864
Type of Requisition: Regular
Clearance Level Must Be Able to Obtain: Top Secret SCI Polygraph
Public Trust/Other Required: None
Job Family: Information Security
Skills:
Cybersecurity,Information Security,Information Systems,Network Systems
Experience:
8 years of related experience
US Citizenship Required:
Yes
Job Description:
Information Systems Security Officer
Transform technology into opportunity as an Information Systems Security Officer with GDIT. A career in enterprise IT means connecting and enhancing the systems that matter most. At GDIT you’ll be at the forefront of innovation and play a meaningful part in improving how agencies operate.
At GDIT, people are our differentiator. As an Information System Security Officer, you will help ensure today is safe and tomorrow is smarter. Our work depends on an ISSO joining our team to support the assessment and authorization (A&A) process for information systems. The successful candidate will have requisite cyber security experience with methods and tools used to improve the security posture of critical systems such as identifying risks, vulnerabilities, anomalies, patching, auditing, automation, security hardening, best practices, and evaluating system changes. In addition, the candidate will collaborate with developers and engineers on projects to create a secure hybrid-cloud environment.
HOW AN ISSO WILL MAKE AN IMPACT
● Manages Analysts engaged in ensuring the safety of information systems assets and protection of systems from intentional or inadvertent access or destruction
Required Technical Skills:
· Understanding of perimeter controls (firewalls), access control mechanisms, and network architectures
· Demonstrated essential understanding of methods for hardening operating systems (e.g., CentOS, RedHat, Windows)
· Skilled with and/or demonstrated technical aptitude with vulnerability and risk assessment tools such as Elasticsearch or Splunk SIEMs, Rapid7 Nexpose, and IDS/IPS monitoring and alerting
· Strong understanding of methodologies for researching and documenting software and hardware vulnerabilities
· Experienced working closely with stakeholders, developers, and external teams, including customer security manages (ISSMs), organizational leadership, and key personnel
· Applied experience with the customer’s assessment and authorization tracking tools
· Knowledgeable regarding Common Control Provider (CCP) requirements and methodology
· Demonstrated knowledge and experience with networking topologies and hardware, including commonly used/referenced network devices, IDS and IPS, etc.
· Applied experience with open-source and commercial tools and systems such as nmap, Nessus, Rapid7, Splunk, Nipper, Elasticsearch, Jira, Confluence, Cisco, VMware, Citrix, or Trellix, as well as GOTS tools used by the customer
· Demonstrated experience with the design and implementation of defense-in-depth solutions
· Skilled in cross-team collaboration and effective communication to fulfill specific authorization requirements
· Demonstrated skill documenting processes and procedures in CONOPS and system security, contingency, configuration management and other plans
· Demonstrated ability to facilitate customer concurrences required for risk-based decisions, especially those requiring waivers
· Experience assisting the customer with decisions impacting the security posture and compliance of their systems and networks with requirement as documented in NIST 800-53 and its revisions
· Extensive familiarity with communications protocols, such as TCP/IP, UDP, HTTP/S, SSH, LDAP, etc.
· Demonstrated experience with security, monitoring and auditing cloud-based technologies, products and services, such as Amazon Web Services (AWS) or Microsoft Azure
· Knowledge of the customers organization, their network systems and infrastructure, processes and procedures, and request and approval tools
· Supported control implementation assessment and reporting and monitoring processes using cyber security and assessment management systems
● Preferred Skills:
Experience in scripting/program languages such as Bash, PowerShell, or Python
Ability to work within fast-paced customer environments
Strong verbal and written communication/cooperation within a team context
WHAT YOU’LL NEED TO SUCCEED:
● Education: Bachelor’s degree in Cybersecurity, IT, or other related technical discipline; or the equivalent combination of education, technical training, or work/military experience
● Required Experience: Minimum eight (8) years applied experience or relevant degree plus 5 years of Cybersecurity expertise with demonstrated ability to successfully shepherd IT projects of varying types through the authorization lifecycle
● Security Clearance Level: TS/SCI with Poly
● Location: On Customer Site
GDIT IS YOUR PLACE:
● 401K with company match
● Comprehensive health and wellness packages
● Internal mobility team dedicated to helping you own your career
● Professional growth opportunities including paid education and certifications
● Cutting-edge technology you can learn from
● Rest and recharge with paid vacation and holidays
The likely salary range for this position is $136,000 – $184,000. This is not, however, a guarantee of compensation or salary. Rather, salary will be set based on experience, geographic location and possibly contractual requirements and could fall outside of this range.
Our benefits package for all US-based employees includes a variety of medical plan options, some with Health Savings Accounts, dental plan options, a vision plan, and a 401(k) plan offering the ability to contribute both pre and post-tax dollars up to the IRS annual limits and receive a company match. To encourage work/life balance, GDIT offers employees full flex work weeks where possible and a variety of paid time off plans, including vacation, sick and personal time, holidays, paid parental, military, bereavement and jury duty leave. To ensure our employees are able to protect their income, other offerings such as short and long-term disability benefits, life, accidental death and dismemberment, personal accident, critical illness and business travel and accident insurance are provided or available. We regularly review our Total Rewards package to ensure our offerings are competitive and reflect what our employees have told us they value most.
We are GDIT. A global technology and professional services company that delivers consulting, technology and mission services to every major agency across the U.S. government, defense and intelligence community. Our 30,000 experts extract the power of technology to create immediate value and deliver solutions at the edge of innovation. We operate across 30 countries worldwide, offering leading capabilities in digital modernization, AI/ML, Cloud, Cyber and application development. Together with our clients, we strive to create a safer, smarter world by harnessing the power of deep expertise and advanced technology.
We connect people with the most impactful client missions, creating an unparalleled work experience that allows them to see their impact every day. We create opportunities for our people to lead and learn simultaneously. From securing our nation’s most sensitive systems, to enabling digital transformation and cloud adoption, our people are the ones who make change real.
GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.