Job Requirements
Washington, DC
Top Secret Polygraph Unspecified
Career Level not specified
Salary not specified
Join Premium to unlock estimated salaries 
Job Description
Advance your career while impacting our national security in cyber as a Information Systems Security Engineer (ISSE) Principal at GDIT. Here, technologists have many paths to grow a meaningful career supporting cyber missions and operations across the federal government.
MEANINGFUL WORK AND PERSONAL IMPACT
The Information System Security Engineer (ISSE) will provide support to system owners for all assigned systems throughout their entire lifecycle following FIPS-199 and NIST SP 800-53. This includes systems that are planning, undergoing, or maintaining their Security Assessment and Authorization (SAA) within the Agency, ensuring each system achieves and maintains a timely and compliant Authorization to Operate (ATO). This support will proactively engage with system owners, authorizing official, and the OCIO's assessment team to ensure all security documentation and requirements are met, reducing the risk of delays or lapses in system authorization. As an ISSE you will:
• Lead, mentor, and supervise a team of security professionals responsible for the end-to-end implementation of the NIST Risk Management Framework (RMF) lifecycle for the Agency IT systems.
• Oversee and coordinate activities within the Prepare step, ensuring roles, responsibilities, and risk management strategies are clearly defined and maintained.
• Guide system categorization efforts to ensure all information systems are appropriately classified based on mission/business impact and regulatory requirements.
• Direct the selection, tailoring, and documentation of security controls aligned with system categorizations, Agency risk appetite, and compliance requirements.
• Oversee the implementation of technical, operational, and management controls throughout system and application lifecycles, with a particular focus on quality and completeness of all deliverables.
• Ensure comprehensive security control assessments are planned, executed, and documented to validate the effectiveness of implemented safeguards.
• Prepare risk management documentation for system authorization and executive decision-making.
• Direct ongoing monitoring and continuous assessment activities, collecting metrics to adjust security strategies and ensure sustained compliance.
• Serve as a principal technical advisor on cybersecurity, bringing subject-matter expertise to risk analysis, incident response, system remediation, and audit support efforts.
• Foster a culture of security awareness, providing technical guidance and training to both team members and stakeholders.
• Track, report, and communicate status, risks, and improvement opportunities related to security engineering activities to leadership and stakeholders.
• Maintain up-to-date knowledge of RMF, NIST guidance, and industry best practices in support of continuous process improvement.
• Advisory and security design role in planned future IT solutions
• Close integration with system technical personnel to build required security configurations (centralized logging, MFA, vulnerability remediation)
• Emphasis on achieving new system ATO in a timely fashion
• Emphasis on closing technical security gaps
WHAT YOU'LL NEED TO SUCCEED
Bring your cyber expertise and drive for innovation to GDIT. The Cybersecurity Engineer Principal must have:
• Education: Bachelor of Arts/Bachelor of Science
• Experience: 12+ years of related experience (No Degree- 16 years; Associates- 14 years; Master's- 10 years; Ph.D.- 8 years)
• Technical skills: Knowledge of the National Institute of Standards and Technology (NIST) Risk Management Framework (RMF) and ATO processes.
• Certifications: Hold at least one of the following certifications: Certified Information Systems Security Professional (CISSP) (or Associate), CompTIA Advanced Security Practitioner (CASP) CE, Certified Secure Software Lifecycle Professional (CSSLP), CISSP- Information System Security Engineering Professional (ISSEP), or CISSP- Information System Security Architecture Professional (ISSAP)
• Security clearance level: TS/SCI Eligible
• US citizenship required
• Role requirements: Primarily onsite in DC but some travel may be required
GDIT IS YOUR PLACE
At GDIT, the mission is our purpose, and our people are at the center of everything we do.
• Growth: AI-powered career tool that identifies career steps and learning opportunities
• Support: An internal mobility team focused on helping you achieve your career goals
• Rewards: Comprehensive benefits and wellness packages, 401K with company match, and competitive pay and paid time off
• Community: Award-winning culture of innovation and a military-friendly workplace
OWN YOUR OPPORTUNITY
Explore a career in cyber at GDIT and you'll find endless opportunities to grow alongside colleagues who share your focus on defending and protecting what matters.
MEANINGFUL WORK AND PERSONAL IMPACT
The Information System Security Engineer (ISSE) will provide support to system owners for all assigned systems throughout their entire lifecycle following FIPS-199 and NIST SP 800-53. This includes systems that are planning, undergoing, or maintaining their Security Assessment and Authorization (SAA) within the Agency, ensuring each system achieves and maintains a timely and compliant Authorization to Operate (ATO). This support will proactively engage with system owners, authorizing official, and the OCIO's assessment team to ensure all security documentation and requirements are met, reducing the risk of delays or lapses in system authorization. As an ISSE you will:
• Lead, mentor, and supervise a team of security professionals responsible for the end-to-end implementation of the NIST Risk Management Framework (RMF) lifecycle for the Agency IT systems.
• Oversee and coordinate activities within the Prepare step, ensuring roles, responsibilities, and risk management strategies are clearly defined and maintained.
• Guide system categorization efforts to ensure all information systems are appropriately classified based on mission/business impact and regulatory requirements.
• Direct the selection, tailoring, and documentation of security controls aligned with system categorizations, Agency risk appetite, and compliance requirements.
• Oversee the implementation of technical, operational, and management controls throughout system and application lifecycles, with a particular focus on quality and completeness of all deliverables.
• Ensure comprehensive security control assessments are planned, executed, and documented to validate the effectiveness of implemented safeguards.
• Prepare risk management documentation for system authorization and executive decision-making.
• Direct ongoing monitoring and continuous assessment activities, collecting metrics to adjust security strategies and ensure sustained compliance.
• Serve as a principal technical advisor on cybersecurity, bringing subject-matter expertise to risk analysis, incident response, system remediation, and audit support efforts.
• Foster a culture of security awareness, providing technical guidance and training to both team members and stakeholders.
• Track, report, and communicate status, risks, and improvement opportunities related to security engineering activities to leadership and stakeholders.
• Maintain up-to-date knowledge of RMF, NIST guidance, and industry best practices in support of continuous process improvement.
• Advisory and security design role in planned future IT solutions
• Close integration with system technical personnel to build required security configurations (centralized logging, MFA, vulnerability remediation)
• Emphasis on achieving new system ATO in a timely fashion
• Emphasis on closing technical security gaps
WHAT YOU'LL NEED TO SUCCEED
Bring your cyber expertise and drive for innovation to GDIT. The Cybersecurity Engineer Principal must have:
• Education: Bachelor of Arts/Bachelor of Science
• Experience: 12+ years of related experience (No Degree- 16 years; Associates- 14 years; Master's- 10 years; Ph.D.- 8 years)
• Technical skills: Knowledge of the National Institute of Standards and Technology (NIST) Risk Management Framework (RMF) and ATO processes.
• Certifications: Hold at least one of the following certifications: Certified Information Systems Security Professional (CISSP) (or Associate), CompTIA Advanced Security Practitioner (CASP) CE, Certified Secure Software Lifecycle Professional (CSSLP), CISSP- Information System Security Engineering Professional (ISSEP), or CISSP- Information System Security Architecture Professional (ISSAP)
• Security clearance level: TS/SCI Eligible
• US citizenship required
• Role requirements: Primarily onsite in DC but some travel may be required
GDIT IS YOUR PLACE
At GDIT, the mission is our purpose, and our people are at the center of everything we do.
• Growth: AI-powered career tool that identifies career steps and learning opportunities
• Support: An internal mobility team focused on helping you achieve your career goals
• Rewards: Comprehensive benefits and wellness packages, 401K with company match, and competitive pay and paid time off
• Community: Award-winning culture of innovation and a military-friendly workplace
OWN YOUR OPPORTUNITY
Explore a career in cyber at GDIT and you'll find endless opportunities to grow alongside colleagues who share your focus on defending and protecting what matters.
group id: 90979310