Information Systems Security Management - TS/SCI w/Polygraph

McLean, Virginia, USA

18 hours ago

SRA International, Inc., A CSRA Company

Seize your opportunity to make a personal impact as an Information Systems Security Management supporting customer activities. GDIT is your place to make meaningful contributions to challenging projects and grow a rewarding career.

At GDIT, people are our differentiator. As an Information Systems Security Management (ISSM), you will help ensure today is safe and tomorrow is smarter. Our work depends on an ISSM joining our highly skilled team to be a premier provider of cyber security services to the customer. We provide consummate cyber security risk management “as a service” platform across multiple fabrics and centers. We have responsibility to ensure operational IT capabilities provide the client with necessary timeliness, accuracy and security of information demanded from all our highly professional roles. Be the change, lead our change – join us!

HOW AN ISSM WILL MAKE AN IMPACT

Manage Analysts engaged in ensuring the safety of information systems assets and protection of systems from intentional or inadvertent access or destruction.

Provide support for a program, organization, systems or enclaves. Support the Agency RMF Workflow and Processes by proposing, coordinating, implementing and enforcing information system security policies, instructions, standards, and methodologies.

Coordinate with the Data Custodian, Project Owner, and ISSM to identify the types of information processed, assign the appropriate security categorizations to the information systems, determine the information security and privacy impacts, and manage information security and privacy risk. Document the controls in the information security and privacy plan (or equivalent document) to ensure implemented controls meet or exceed the minimal controls defined by CISO guidance.

Maintain current system information in XACTA (e.g., POCs, artifacts) to support organizational requirements and processes (e.g., communication, contingency planning, training, data calls)

Evaluate the impact of network and system changes using RMF processes.

Ensure anomalies identified under the Sponsor's Information Security Continuous Monitoring activities are addressed and remediated in a manner that commensurate with the risks posed to the system from the anomalies.

Submit recommendations to the stakeholders for system configuration deviations from the required baseline.

Develop and maintain a system security plan (SSP)

Conduct periodic reviews to ensure compliance with SSP.

Ensure configuration management for security-relevant IS software, hardware and firmware is maintained and documented.

Ensure system recovery processes are monitored to ensure security features and procedures are properly restored

Ensure all IS security-related documentation is current and accessible to properly authorized individuals

Formally notify the appropriate individuals when changes occur that might affect authorization

Participate in governance and project reviews identified by the Sponsor

WHAT YOU’LL NEED TO SUCCEED:

Education: Bachelors (Computer engineering, Computer Science, Electrical Engineering, Information systems, Information Technology, Cybersecurity, or a closely related discipline)

Required Experience: 8+ yrs

Required Technical Skills:

Require strong documentation skills to create and update policies, process documentation and procedures

Experience with XACTA 360, Continuum and other SCAP Compliant tools,

Demonstrated experience with RMF, ICD 503, CNSSI 1253, NIST SP 800-53/53A, and STIGs

Security Clearance Level: TS/SCI with active polygraph

Preferred Certifications:

Certified Information Systems Security Professional (CISSP)

Certified Information Systems auditor (CISA)

NIST Cybersecurity Framework (NCSF)

AWS Solutions Architect Associate or Professional

Location: McLean, VA - On Customer Site