Information System Security Engineer- Springfield, VA - Top Secr

Transform technology into opportunity as an Information Systems Security Engineer (ISSE) with GDIT. A career in enterprise IT means connecting and enhancing the systems that matter most. At GDIT you'll be at the forefront of innovation and play a meaningful part in improving how agencies operate.

At GDIT, people are our differentiator. As an Information Systems Security Engineer you will help ensure today is safe and tomorrow is smarter. Our work depends on Information Systems Security Engineer joining our team to support our intelligence customer.

HOW AN INFORMATION SYSTEMS SECURITY ENGINEER WILL MAKE AN IMPACT

• Develop and coordinate all authorization documentation associated including the Systems Categorization, Systems Security Plan, and Systems risk assessment
• Support the control assessment, reporting and monitoring processes
• Work with components to ensure each Risk Based Decisions (RBD's) has a current Waivers.
• Support and document security controls tests, assist in remediation and ensure that POA&Ms are being appropriately managed.
• Develop or update the Business Continuity and Contingency Plan for the component.
• Assist the components with decisions that affect security of their systems and networks.
• Conduct assessments of information systems security requirements, evaluate current security posture and recommend priorities for remediation.
• Review information system infrastructure and application architecture to assess security requirements
• Review existing SA&A documentation, Security Assessment Report and security infrastructure (i.e. IDS, firewalls, vulnerability scan tools, etc.)
• Evaluate and strengthen standard SA&A Documentation
• Perform and document risk assessments, analyzing security vulnerabilities, and the metrics to measure the risks associated with those vulnerabilities
• Based on the risk profile of the analyzed systems, development and documentation of a Plan of Action and Milestones (POA&M) for mitigating those risks
• Design and development of comprehensive Systems Security Plan, covering at a high level the infrastructure, policies and procedures which define the systems security profile for the analyzed systems
• Development of Systems Security Users Guides specific to selected networks, desktop computers, servers and data base systems; Design, development, and validation of System Test and Evaluation (ST&E) reviews for new and/or legacy systems.
• Review and conduct NIST-based Self Assessments, identifying any weaknesses which need to be addressed, and developing a POA&M for each of those weaknesses based on industry best practices

Required Skills

• Bachelor's Degree in Computer Science or related technical discipline, or the equivalent combination of education, technical certifications or training, and work experience
• 5+ years' experience performing systems security assessments, preparing system security documentation, and/or performing security upgrades for live networks, desktop systems, servers, and enterprise data bases leading to successful certification and accreditation or security authorization of such systems.
• 5+ years' experience assessing and enhancing IT systems security policies and procedures in response to the regulatory requirements associated with Federal and International standards.
• 5+ years' IT Security experience with extensive knowledge in security regulations and security assessments having developed numerous security C&A (or SA&A) and ATO on a range of systems including classified systems
• Top Secret clearance required

GDIT IS YOUR PLACE:
• 401K with company match
• Comprehensive health and wellness packages
• Internal mobility team dedicated to helping you own your career
• Professional growth opportunities including paid education and certifications
• Cutting-edge technology you can learn from
• Rest and recharge with paid vacation and holidays

Work Requirements