GDIT is seeking an Information Systems Security Manager to oversee the Joint Education and Training System (JETS) program. This person will provide oversight and direction of cyber strategy and cybersecurity outcomes to ensure compliance with established governance, so that all activities performed by GDIT personnel and subcontractors satisfy all program RMF and cybersecurity governance requirements.
Typical duties include:
- Establishing processes to ensure RMF compliance for new JETS systems and services.
- Oversee subordinates and teammates in the execution of cyber compliance activities to meet IOC and FOC requirements.
- Develop, update, and manage security-related documentation within the assigned environment, and its internal and external interconnections to systems/networks.
- Direct the activities of cybersecurity personnel supporting the JETS Program and supporting cloud-based systems, services and component applications.
- Provide oversight and maintenance of security Assessment and Authorization documentation (e.g., IA Standard Operating Procedures (SOP), System Security Plan (SSP), Risk Assessment Report (RAR), and Security Controls Traceability Matrix (SCTM)).
- Establish and maintain day-to-day security posture and continuous monitoring of JETS Services including security event log review and analysis and cybersecurity posture.
- Ensure system security measures comply with applicable government policies, provide configuration management and accurately assess the impact of modifications and vulnerabilities for each system.
- Provide monthly functional area reports summarizing work accomplished, work planned in next month and important issues occurring during the month.
- Provide oversight of system changes in Operations and Maintenance until disposal in NIST security policies and practices and System Security Plan.
- Perform weekly systems security audits to detect unauthorized activities and maintain security compliance.
- Define, create, and maintain the documentation for assessment and authorization of JETS information systems in accordance with government requirements.
- Provide Continuous Monitoring support via Plan of Action and Milestones (POA&M), system and user audits, and review of scan data.
- Assess the impacts of system modifications and technological advances on security profiles.
- Facilitate ongoing Authorizations, attend meetings, collect and submit artifacts in response to audit requests, and guide cybersecurity compliance strategies in design, development, engineering, implementation, testing and sustainment of JETS services.
- Responsible for the JETS cybersecurity program as stipulated by the National Institute of Standards and Technology (NIST) Risk Management Framework (RMF) as defined in SP 800-53 (Rev. 4).
- Oversee security incident response activities
Qualifications:
- 5+ years of Information Systems Security Management (ISSM) experience
- Demonstrated experience with NIST SP 800-37 Risk Management Framework, 800-60, 800-53, 800-53A, FIPS 199 (and related OMB and NIST guidance).
- Experience using the Cyber Security Assessment and Management tools including eMASS
- Experience with Nessus Security Center, ACAS, Splunk, ELK, or other like tools.
- Possess strong technical written and verbal communication skills
- Experience working with databases, networks, hardware, firewalls, cross-domain solutions and encryption in an ISSO or Cyber Security Engineer role
- Experience implementing the Risk Management Framework to accredit systems.
- BA/BS (or equivalent experience)
- CISSP Certification REQUIRED
- 8570.01M IAM-III certification desired
- PMP Certification desired
We are GDIT. The people supporting some of the most complex government, defense, and intelligence projects across the country. We deliver. Bringing the expertise needed to understand and advance critical missions. We transform. Shifting the ways clients invest in, integrate, and innovate technology solutions. We ensure today is safe and tomorrow is smarter. We are there. On the ground, beside our clients, in the lab, and everywhere in between. Offering the technology transformations, strategy, and mission services needed to get the job done.
GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.