Information System Security Officer (ISSO)

Type Of Requisition:

Regular

Clearance Level Must Currently Possess:

Top Secret/SCI

Clearance Level Must Be Able to Obtain:

Top Secret SCI + Polygraph

Public Trust/Other Required:

None

Job Family:

Cyber and IT Risk Management

Job Qualifications:

Skills:

IT Security Standards, Security Policies, Security Risk Assessment

Certifications:

None

Experience:

8 + years of related experience

Us Citizenship Required:

Yes

Job Description:

GDIT is your place. You make it your own by embracing autonomy, seizing opportunity, and being trusted to deliver your best every day. We think. We act. We deliver. There is no challenge we can’t turn into opportunity. And our work depends on TS/SCI level cleared Information System Security Officer (ISSO) in MacDill AFB Tampa, FL.

Job Duties:

• Develop and coordinate all authorization documentation associated including the Systems Categorization, Systems Security Plan, and Systems risk assessment
• Support the control assessment, reporting and monitoring processes using the Cyber Security and Assessment Management (CSAM) system
• Assist the component with staying on track with Core Controls and A-123 control assessment schedules
• Work with components to ensure each Risk Based Decisions (RBD’s) has a current Waivers.
• Coordinate with CSS Customer Liaison support, including status of the process and POA&Ms.
• Support and document security controls tests, assist in remediation and ensure that POA&Ms are being appropriately managed.
• Develop or update the Business Continuity and Contingency Plan for the component.
• Assist the components with decisions that affect security of their systems and networks.
• Facilitate preparations for the tri-annual Security Assessment and Authorization (SA&A) component’s Information System.
• Conduct assessments of information systems security requirements, evaluate current security posture and recommend priorities for remediation.
• Review information system infrastructure and application architecture to assess security requirements
• Review existing SA&A documentation, Security Assessment Report and security infrastructure (i.e. IDS, firewalls, vulnerability scan tools, etc.)
• Assess NIST 800-53, Rev 4. Control and document results
• Evaluate and strengthen standard SA&A Documentation
• Perform and document risk assessments, analyzing security vulnerabilities, and the metrics to measure the risks associated with those vulnerabilities;
• Based on the risk profile of the analyzed systems, development and documentation of a Plan of Action and Milestones (POA&M) for mitigating those risks;
• Design and development of comprehensive Systems Security Plan, covering at a high level the infrastructure, policies and procedures which define the systems security profile for the analyzed systems;
• Development of Systems Security Users Guides specific to selected networks, desktop computers, servers and data base systems; Design, development, and validation of System Test and Evaluation (ST&E) reviews for new and/or legacy systems.
• Review and conduct NIST-based Self Assessments, identifying any weaknesses which need to be addressed, and developing a POA&M for each of those weaknesses based on industry best practices.
• Design and development of Initial Privacy Assessment (IPA) and Privacy Impact Assessments (PIAs) for each major Federal Government IT Systems Developing and conducting System Test and Evaluations (ST&Es) and Independent Verification and Validation (IV&Vs) of the security profiles of Federal Government IT Systems
• Conduct OMB A-123 security assessments of Federal Government IT Systems.

Required Skills

• Bachelor’s Degree in Computer Science or related technical discipline, or the equivalent combination of education, technical certifications or training, and work experience
• 8+ years’ experience performing systems security assessments, preparing system security documentation, and/or performing security upgrades for live networks, desktop systems, servers, and enterprise data bases leading to successful certification and accreditation or security authorization of such systems.
• 8+ years’ experience assessing and enhancing IT systems security policies and procedures in response to the regulatory requirements associated with Federal and International standards.
• 8+ years IT Security experience with extensive knowledge in security regulations and security assessments having developed numerous security C&A (or SA&A) and ATO on a range of systems including classified systems
• Strong working knowledge with NIST Special Publications and the NIST SP 800-37 SA using CSAM system
• TS/SCI clearance required and eligibility to obtain/maintain a CI Poly
• Current certification in one or more of the following IT Security disciplines:
• ISACA - Certified Information Systems Auditor (CISA)
• ISACA - Certified in Risk and Information Systems Control (CRISC)
• ISACA - Certified Information Security Manager (CISM)
• ISACA - Certified in Governance of Enterprise IT(CGEIT)
• (ISC)2 - Certified Information Systems Security Professional (CISSP)
• (ISC)2 - Certified Authorization Professional (CAP)

The likely salary range for this position is $105,400 - $142,600. This is not, however, a guarantee of compensation or salary. Rather, salary will be set based on experience, geographic location and possibly contractual requirements and could fall outside of this range.

Scheduled Weekly Hours:

40

Travel Required:

None

Telecommuting Options:

Onsite

Work Location:

USA FL MacDill AFB

Additional Work Locations:

Total Rewards At Gdit:

Our benefits package for all US-based employees includes a variety of medical plan options, some with Health Savings Accounts, dental plan options, a vision plan, and a 401(k) plan offering the ability to contribute both pre and post-tax dollars up to the IRS annual limits and receive a company match. To encourage work/life balance, GDIT offers employees full flex work weeks where possible and a variety of paid time off plans, including vacation, sick and personal time, holidays, paid parental, military, bereavement and jury duty leave. To ensure our employees are able to protect their income, other offerings such as short and long-term disability benefits, life, accidental death and dismemberment, personal accident, critical illness and business travel and accident insurance are provided or available. We regularly review our Total Rewards package to ensure our offerings are competitive and reflect what our employees have told us they value most.We are GDIT. A global technology and professional services company that delivers consulting, technology and mission services to every major agency across the U.S. government, defense and intelligence community. Our 30,000 experts extract the power of technology to create immediate value and deliver solutions at the edge of innovation. We operate across 50 countries worldwide, offering leading capabilities in digital modernization, AI/ML, Cloud, Cyber and application development. Together with our clients, we strive to create a safer, smarter world by harnessing the power of deep expertise and advanced technology.Join our Talent Community to stay up to date on our career opportunities and events at

Gdit.Com/Tc.

Equal Opportunity Employer / Individuals with Disabilities / Protected Veterans