Chantilly, Virginia

Responsibilities for this Position


Location: USA VA Chantilly
Full Part/Time: Full time
Job Req: RQ67185


Type of Requisition:
Regular

Clearance Level Must Currently Possess:
Top Secret

Clearance Level Must Be Able to Obtain:
Top Secret SCI + Polygraph

Public Trust/Other Required:
None

Job Family:
Information Security

Job Description:

The ISSE position shall provide comprehensive Information Assurance (IA) support to customer Directorates and Offices. The ISSE will fall under the agency Information System Security Manager (ISSM) and will provide day-to-day security engineering support by ensuring that IA and Operational security practices are maintained for all assigned Information Systems (IS).

ISSEs must possess a strong working knowledge of:
  • Information Assurance concepts, to include Assessment and Authorization (A&A) activities
  • General Information Technology (IT) system functions
  • Documented Security policies and best practices
  • Standard technical security safeguards
  • Operational Security (OpSec) measures

Assessment and Authorization Support
  • Ensure the day-to-day implementation, oversight, continuous monitoring, and maintenance of the security configuration, practices, and procedures for each information system during all phases of the IS lifecycle.
  • Knowledge of NIST 800-53 security controls to ensure system implemented and operating as intended during all phases of the information system life cycle.
  • Develop and maintain Security Concept of Operations (SECONOPS) and FISMA documentation prior to system authorization.
  • Support risk assessment and evaluation activities throughout the Assessment and Authorization (A&A) accreditation process.
  • Works closely with the ISSO and System Administrator to maintain the various system and application A&A status.
  • Provide liaison support between the system owner and other information system security personnel.
  • Establish audit trails, ensuring their review and reporting all identified security findings.
  • Make audit reviews available, when required, to the ISSM or Chief Security
    Officer (CSO).
  • Integrate audit reviews with Insider Threat programs and monitoring processes.
  • Tailor audit logs for the Enterprise Security Operation Center (ESOC) to provide an enterprise view of audit data.
  • Configure Spunk to Ingest audit logs and create dashboards.
  • Ensure that selected security controls are implemented and operating as intended during all phases of the information system life cycle.
  • Provide input to the development process which will include Information Security
    planning, design, test and analysis.
  • Perform monthly vulnerability scanning to include
    Nessus Vulnerability (Patch Management) and Compliance (STIG) Scans

    Nessus Database Scans

    Burp Suite Web Application Scans

General
  • Research and maintain knowledge of Information Assurance (IA) policies and practices, seeking clarification from the ISSM or higher authority when needed, and disseminates these to users.
  • Respond to insider threat requests for analysis pertaining to supported systems.
  • Report all Information System security-related incidents in accordance with the reporting requirements in the system's IRP and ISCP.
  • Provide research and analysis of Commercial-Off-The-Shelf (COTS) and Government-
    Off-The-Shelf (GOTS) and IA-enabled products as part of the security architecture and
    ensure products are National Security Telecommunications and Information Systems
    Security Policy Number 11 (NSTISSP-11) complaint and validated via the National
    Information Assurance Partnership (NIAP) Common Criteria Evaluation and Validation
    Scheme or National Institute of Standard (NIST) Federal Information Processing Standards (FIPS) Cryptographic Module Validation Program (CMV P).

Qualifications

The following qualifications are desired:
  • Bachelor's Degree with 7 years of experience
  • Active TS/SCI with Poly
  • Education relevant to computer engineering, information security, information management, and/or computer science
  • Any of the following certifications: CISSP, CASP, CAP, GSLC, CISM


Scheduled Weekly Hours:
40

Travel Required:
None

T elecommuting Options:
Telecommuting Not Allowed

Work Location:
USA VA Chantilly

Additional Work Locations:

We are GDIT. The people supporting some of the most complex government, defense, and intelligence projects across the country. We deliver. Bringing the expertise needed to understand and advance critical missions. We transform. Shifting the ways clients invest in, integrate, and innovate technology solutions. We ensure today is safe and tomorrow is smarter. We are there. On the ground, beside our clients, in the lab, and everywhere in between. Offering the technology transformations, strategy, and mission services needed to get the job done.\n\nGDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.





PI125847829

Chantilly, Virginia

General Dynamics is a global aerospace and defense company.

From Gulfstream business jets and combat vehicles to nuclear-powered submarines and communications systems, people around the world depend on our products and services for their safety and security.

We offer a broad portfolio of innovative products and services in business aviation; combat vehicles, weapons systems and munitions; IT and C4ISR solutions; and shipbuilding and ship repair.

General Dynamics employs thousands of people across the globe, with locations in more than 45 countries. We rely on the skills of our employees and their knowledge of customer requirements to deliver best-in-class products and services.

Similar jobs