Apply for this Job
Information Systems Security Engineer (ISSE) We are seeking an experienced Information Systems Security Engineer (ISSE) to support Assessment and Authorization (A&A) and Continuous Monitoring (ConMon) activities, ensuring compliance with Risk Management Framework (RMF) requirements across multi-level classification environments with diverse technologies. Key Responsibilities The ISSE will play a critical role in maintaining system security by tracking and executing RMF actions in accordance with ICD 503 (NIST 800-53) to obtain and sustain system authorizations. Responsibilities include: Assessment & Authorization (A&A):
Preparing and submitting Interim Authorization to Test (IATT) and Authority to Operate (ATO) requests with Plans of Action and Milestones (PoAMs)
Developing, maintaining, and coordinating required Body of Evidence (BoE) documentation for system assets
Collaborating across Technical Services and Security Services teams, as well as customer agency stakeholders, to ensure compliance
Tracking workflow for lien remediation/resolution activities and entering tracking tool updates
Evaluating system change requests and assessing both system and organizational risks associated with modifications
Continuous Monitoring (ConMon):
Executing ConMon activities within established timelines, including BoE collection and tracking tool updates
Conducting recurring reviews of system state and security posture to ensure that systems are being operated securely, and information systems security policies and procedures are being implemented as defined.
Providing recommendations for security control implementation and identifying necessary countermeasures or mitigating controls
Responding to queries and requests for security information and reports
Incident Response & Security Oversight:
Supporting investigations of security incidents and reporting findings as necessary
Assisting in the communication, implementation and enforcement of security policies and plans for data, applications, hardware, and telecommunications systems
Advising stakeholders on information assurance standards, dependencies, and emerging security technologies
Engaging with Enterprise Security Services tools (e.g., Trellix, ACAS, Splunk) to track and remediate vulnerabilities and compliance deficiencies
Required Qualifications Education: Bachelor's degree in Information Systems, Cybersecurity, or a related field (or equivalent experience)
Experience: Minimum of 4 years of applicable experience in cybersecurity, RMF compliance, or system security engineering
Certifications:
Required: DoD 8570 IAM Level I certification (CAP, CND, Cloud+, GSLC, Security+ CE, or HCISPP) - must be active and valid
Preferred: IAM Level II certification (CAP, CASP+ CE, CISM, CISSP (or Associate), GSLC, CCISO, or HCISPP)
Preferred Skills:
Experience with cloud security implementations in Azure or AWS
Strong understanding of security policies, risk management, and vulnerability assessment tools
Why Join GDIT? At GDIT, we foster professional growth and provide opportunities to advance your career in a mission-critical environment. Our benefits include: 401(k) with company match
Comprehensive health and wellness programs
Dedicated internal mobility team to support career advancement
Paid education and professional certification opportunities
Access to cutting-edge technologies and innovative projects
Paid vacation and holidays to support work-life balance
Join us at GDIT and contribute to securing the future of national security. Work Requirements
Date Posted: 12 March 2025
Apply for this Job