Lead Information Systems Security Engineer (ISSE) - TS/SCI with Polygraph

Type of Requisition:

Regular

Clearance Level Must Currently Possess:

Top Secret SCI + Polygraph

Clearance Level Must Be Able to Obtain:

Top Secret SCI + Polygraph

Public Trust/Other Required:

None

Job Family:

Information Security

Job Qualifications:

Skills:

Continuous Monitoring, Information Security, Risk Management Framework

Certifications:

None

Experience:

8 + years of related experience

US Citizenship Required:

Yes

Job Description:

We are seeking an experienced Information Systems Security Engineer (ISSE) to lead Assessment and Authorization (A&A) and Continuous Monitoring (ConMon) activities, ensuring compliance with Risk Management Framework (RMF) requirements across multi-level classification environments with diverse technologies.

Key Responsibilities

The lead ISSE will play a critical role in managing and coordinating system security personnel and actions by defining, tracking and executing RMF actions in accordance with ICD 503 (NIST 800-53) to obtain and sustain system authorizations. In addition to performing direct support of those cybersecurity actions and tasks, the Lead ISSE will also be responsible for providing supervisory coverage for a team of 6 or more direct report ISSEs.

Supervisory tasks include

• Defining and coordinating strategy on team operations to meet/exceed contract-driven security goals.
• Assigning, tracking and providing direction for system support and daily tasks
• Offering subject matter expertise as a resource to the team in support assigned task completion.

Responsibilities include

Assessment & Authorization (A&A):

• Oversee team preparation and submission of Interim Authorization to Test (IATT) and Authority to Operate (ATO) requests as well as directly conducting same
• Ensure development, accuracy, maintenance, and coordination of all required Body of Evidence (BoE) documentation for assigned and team system assets
• Collaborate across Technical Services and Security Services teams, as well as customer agency stakeholders, to ensure compliance
• Track and oversee workflow for lien remediation/resolution activities and entering tracking tool updates
• Evaluate system change requests and assessing both system and organizational risks associated with modifications

Continuous Monitoring (ConMon):

• Conduct, oversee and track execution of ConMon activities within established timelines, including BoE collection and tracking tool updates
• Conduct and oversee recurring reviews of system state and security posture to ensure that systems meet security requirements and are compliant with defined security policies and procedures.
• Provide recommendations for security control implementation and identifying necessary countermeasures or mitigating controls
• Respond to and oversee / coordinate responses to queries and requests for security information and reports

Incident Response & Security Oversight:

• Support and coordinate investigations of security incidents and reporting findings as necessary
• Guide and coordinate the communication, implementation and enforcement of security policies and plans for data, applications, hardware, and telecommunications systems
• Advise stakeholders on information assurance standards, dependencies, and emerging security technologies
• Oversee ongoing engagement with Enterprise Security Services tools (e.g., Trellix, ACAS, Splunk) to track and remediate vulnerabilities and compliance deficiencies

The Lead ISSE management responsibilities also include the following activities:

• Drive continuous improvement of ISSE team capabilities to enhance performance and compliance levels over time.
• Lead and contribute direct support to various processes, reporting, and planning for both internal and customer-facing activities.
• Ensure consistency of implementation for consistent RMF/A&A asset management and compliance.
• Create and implement quality management through best practices and efficiencies within the ISSE team, enabling the ability to manage workflows, define priority areas, and view trends.

Required Qualifications

• Education: Bachelor’s degree in Information Systems, Cybersecurity, or a related field (or equivalent experience)
• Experience: Minimum of 6 years of applicable experience in cybersecurity, RMF compliance, or system security engineering as well as a minimum of 2 years of direct management / supervision of IA functions / personnel
• Certifications:
  • Required: DoD 8570 IAM Level II compliant certification required (active and valid CAP | CASP+ CE | CISM | CISSP | GSLC | CCISO | HCISPP)
• Preferred Skills:
  • Masters degree in Information Systems, Cybersecurity, or a related field (or equivalent experience)
  • Direct and documented success with cloud security implementations and Authorization in Azure or AWS environments
  • Thorough understanding of security policies, risk management, and vulnerability assessment tools

Why Join GDIT?

At GDIT, we foster professional growth and provide opportunities to advance your career in a mission-critical environment. Our benefits include:

• 401(k) with company match
• Comprehensive health and wellness programs
• Dedicated internal mobility team to support career advancement
• Paid education and professional certification opportunities
• Access to cutting-edge technologies and innovative projects
• Paid vacation and holidays to support work-life balance

Join us at GDIT and contribute to securing the future of national security.

#GDITcareers

#OpportunityOwned

#WeAreGDIT

#transitioningmilitary

#clearedjobs

#veterans

#Autobots

The likely salary range for this position is $144,500 - $195,500. This is not, however, a guarantee of compensation or salary. Rather, salary will be set based on experience, geographic location and possibly contractual requirements and could fall outside of this range.

Scheduled Weekly Hours:

40

Travel Required:

None

Telecommuting Options:

Onsite

Work Location:

USA VA Chantilly

Additional Work Locations:

Total Rewards at GDIT:

Our benefits package for all US-based employees includes a variety of medical plan options, some with Health Savings Accounts, dental plan options, a vision plan, and a 401(k) plan offering the ability to contribute both pre and post-tax dollars up to the IRS annual limits and receive a company match. To encourage work/life balance, GDIT offers employees full flex work weeks where possible and a variety of paid time off plans, including vacation, sick and personal time, holidays, paid parental, military, bereavement and jury duty leave. To ensure our employees are able to protect their income, other offerings such as short and long-term disability benefits, life, accidental death and dismemberment, personal accident, critical illness and business travel and accident insurance are provided or available. We regularly review our Total Rewards package to ensure our offerings are competitive and reflect what our employees have told us they value most.

We are GDIT. A global technology and professional services company that delivers consulting, technology and mission services to every major agency across the U.S. government, defense and intelligence community. Our 30,000 experts extract the power of technology to create immediate value and deliver solutions at the edge of innovation. We operate across 50 countries worldwide, offering leading capabilities in digital modernization, AI/ML, Cloud, Cyber and application development. Together with our clients, we strive to create a safer, smarter world by harnessing the power of deep expertise and advanced technology.

Join our Talent Community to stay up to date on our career opportunities and events at

gdit.com/tc.

Equal Opportunity Employer / Individuals with Disabilities / Protected Veterans