Information Security- ISSE (Active Top Secret Clearance Required) - Military Veterans

Responsibilities for this Position

Location: USA VA Chantilly
Full Part/Time: Full time
Job Req: RQ67185


Type of Requisition:
Regular

Clearance Level Must Currently Possess:
Top Secret

Clearance Level Must Be Able to Obtain:
Top Secret SCI + Polygraph

Public Trust/Other Required:
None

Job Family:
Information Security

Job Description:

The ISSE position shall provide comprehensive Information Assurance (IA) support to customer Directorates and Offices. The ISSE will fall under the agency Information System Security Manager (ISSM) and will provide day-to-day security engineering support by ensuring that IA and Operational security practices are maintained for all assigned Information Systems (IS).

ISSEs must possess a strong working knowledge of:

• Information Assurance concepts, to include Assessment and Authorization (A&A) activities
• General Information Technology (IT) system functions
• Documented Security policies and best practices
• Standard technical security safeguards
• Operational Security (OpSec) measures

Assessment and Authorization Support

• Ensure the day-to-day implementation, oversight, continuous monitoring, and maintenance of the security configuration, practices, and procedures for each information system during all phases of the IS lifecycle.
• Knowledge of NIST 800-53 security controls to ensure system implemented and operating as intended during all phases of the information system life cycle.
• Develop and maintain Security Concept of Operations (SECONOPS) and FISMA documentation prior to system authorization.
• Support risk assessment and evaluation activities throughout the Assessment and Authorization (A&A) accreditation process.
• Works closely with the ISSO and System Administrator to maintain the various system and application A&A status.
• Provide liaison support between the system owner and other information system security personnel.
• Establish audit trails, ensuring their review and reporting all identified security findings.
• Make audit reviews available, when required, to the ISSM or Chief Security
  Officer (CSO).
• Integrate audit reviews with Insider Threat programs and monitoring processes.
• Tailor audit logs for the Enterprise Security Operation Center (ESOC) to provide an enterprise view of audit data.
• Configure Spunk to Ingest audit logs and create dashboards.
• Ensure that selected security controls are implemented and operating as intended during all phases of the information system life cycle.
• Provide input to the development process which will include Information Security
  planning, design, test and analysis.

• Perform monthly vulnerability scanning to include
  Nessus Vulnerability (Patch Management) and Compliance (STIG) Scans
  
  Nessus Database Scans
  
  Burp Suite Web Application Scans
  

General

• Research and maintain knowledge of Information Assurance (IA) policies and practices, seeking clarification from the ISSM or higher authority when needed, and disseminates these to users.
• Respond to insider threat requests for analysis pertaining to supported systems.
• Report all Information System security-related incidents in accordance with the reporting requirements in the system's IRP and ISCP.
• Provide research and analysis of Commercial-Off-The-Shelf (COTS) and Government-
  Off-The-Shelf (GOTS) and IA-enabled products as part of the security architecture and
  ensure products are National Security Telecommunications and Information Systems
  Security Policy Number 11 (NSTISSP-11) complaint and validated via the National
  Information Assurance Partnership (NIAP) Common Criteria Evaluation and Validation
  Scheme or National Institute of Standard (NIST) Federal Information Processing Standards (FIPS) Cryptographic Module Validation Program (CMV P).

Qualifications

The following qualifications are desired:

• Bachelor's Degree with 7 years of experience
• Active TS/SCI with Poly
• Education relevant to computer engineering, information security, information management, and/or computer science
• Any of the following certifications: CISSP, CASP, CAP, GSLC, CISM

Scheduled Weekly Hours:
40

Travel Required:
None

T elecommuting Options:
Telecommuting Not Allowed

Work Location:
USA VA Chantilly

Additional Work Locations:

We are GDIT. The people supporting some of the most complex government, defense, and intelligence projects across the country. We deliver. Bringing the expertise needed to understand and advance critical missions. We transform. Shifting the ways clients invest in, integrate, and innovate technology solutions. We ensure today is safe and tomorrow is smarter. We are there. On the ground, beside our clients, in the lab, and everywhere in between. Offering the technology transformations, strategy, and mission services needed to get the job done.\n\nGDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.

PI125847829