Own your opportunity to serve as a critical component of our nation’s safety and security. Make an impact by using your expertise to protect our country from threats.
Job DescriptionInformation Systems Security Engineer (ISSE)
We are seeking an experienced Information Systems Security Engineer (ISSE) to support Assessment and Authorization (A&A) and Continuous Monitoring (ConMon) activities, ensuring compliance with Risk Management Framework (RMF) requirements across multi-level classification environments with diverse technologies.
Key Responsibilities
The ISSE will play a critical role in maintaining system security by tracking and executing RMF actions in accordance with ICD 503 (NIST 800-53) to obtain and sustain system authorizations. Responsibilities include:
Assessment & Authorization (A&A):Preparing and submitting Interim Authorization to Test (IATT) and Authority to Operate (ATO) requests with Plans of Action and Milestones (PoAMs)Developing, maintaining, and coordinating required Body of Evidence (BoE) documentation for system assetsCollaborating across Technical Services and Security Services teams, as well as customer agency stakeholders, to ensure complianceTracking workflow for lien remediation/resolution activities and entering tracking tool updatesEvaluating system change requests and assessing both system and organizational risks associated with modificationsContinuous Monitoring (ConMon):Executing ConMon activities within established timelines, including BoE collection and tracking tool updatesConducting recurring reviews of system state and security posture to ensure that systems are being operated securely, and information systems security policies and procedures are being implemented as defined.Providing recommendations for security control implementation and identifying necessary countermeasures or mitigating controlsResponding to queries and requests for security information and reportsIncident Response & Security Oversight:Supporting investigations of security incidents and reporting findings as necessaryAssisting in the communication, implementation and enforcement of security policies and plans for data, applications, hardware, and telecommunications systemsAdvising stakeholders on information assurance standards, dependencies, and emerging security technologiesEngaging with Enterprise Security Services tools (e.g., Trellix, ACAS, Splunk) to track and remediate vulnerabilities and compliance deficienciesRequired Qualifications
Education: Bachelor’s degree in Information Systems, Cybersecurity, or a related field (or equivalent experience)Experience: Minimum of 4 years of applicable experience in cybersecurity, RMF compliance, or system security engineeringCertifications:Required: DoD 8570 IAM Level I certification (CAP, CND, Cloud+, GSLC, Security+ CE, or HCISPP) – must be active and validPreferred: IAM Level II certification (CAP, CASP+ CE, CISM, CISSP (or Associate), GSLC, CCISO, or HCISPP)Preferred Skills:Experience with cloud security implementations in Azure or AWSStrong understanding of security policies, risk management, and vulnerability assessment toolsWhy Join GDIT?
At GDIT, we foster professional growth and provide opportunities to advance your career in a mission-critical environment. Our benefits include:
401(k) with company matchComprehensive health and wellness programsDedicated internal mobility team to support career advancementPaid education and professional certification opportunitiesAccess to cutting-edge technologies and innovative projectsPaid vacation and holidays to support work-life balanceJoin us at GDIT and contribute to securing the future of national security.