Req ID: RQ214484
Type of Requisition: Regular
Clearance Level Must Be Able to Obtain: Top Secret/SCI
Public Trust/Other Required: None
Job Family: Cyber and IT Risk Management
Skills:
Cybersecurity, DISA STIG, Enterprise Mission Assurance Support Service (eMASS), RMF
Certifications:
CISSP: Certified Information Systems Security Professional (ISC2), CompTIA Security+ CE (CompTIA)
Experience:
5+ years of related experience
US Citizenship Required:
Yes
Job Description:
IT AND CYBER RISK AUDITOR SENIOR
Seize your opportunity to make a personal impact as an IT and Cyber Risk Auditor Sr (Alt ISSO) at the Joint Multinational Simulation Center - Indo Pacific, the Pacific's premier simulation complex. Here, you'll tailor cutting-edge solutions to the unique requirements of our customer. GDIT is your place to make meaningful contributions to challenging projects and grow a rewarding career.
At GDIT, people are our differentiator. As an IT and Cyber Risk Auditor Sr (Alt ISSO) you will help ensure today is safe and tomorrow is smarter. Our work depends on an IT and Cyber Risk Auditor Sr (Alt ISSO) joining our team to help build and enable the readiness of our Nation's Army in the Pacific!
MEANINGFUL WORK AND PERSONAL IMPACT:
Lead the architecture and security design of a scalable data and network environment, strengthening high availability, fault tolerance, and security posture across enterprises
Develop and implement Cyber RMF exercises, integrating control validation, threat scenarios, and assessment procedures to evaluate system compliance and resilience
Ensure the cybersecurity Risk Management process and appropriate operational security posture are maintained and documented for the USARPAC Type Training Enclaves and USARPAC Training Exercise Network
In-depth knowledge of Information Security Control principles
Follows DoD Directives and Instructions 8140, 8570.01-M, Army regulations AR 25-2, NIST Special Publications 800-53, 800-39, as well as following guidance from other cyber agencies in USARPAC CSPMO, NETCOM, and CYBERCOM
Conducts scheduled scans of the training enclaves and systems
Assists with creating RMF products such as plans of action and milestones (POA&M) and STIG checklists, and performs continuous monitoring of applied STIGs and patches
Assists in validation of applied STIGs and patches performed by the SAs and NAs. Updates and documents STIGs in response to vulnerabilities identified during risk assessments, audits, and inspections
Produces artifacts and trackers, as well as other documents to meet the Security Control Assessment - Validation (SCA-V) requirement to maintain the USARPAC Type ATO
Maintains and updates records and artifacts into the Enterprise Mission Assurance Support Service (eMASS) system to support and comply with the RMF process
Assures successful implementation and functionality of security requirements and appropriate IT policies and procedures that are consistent with the organization's mission and goals
Conducts regular audits to ensure that systems are being operated securely, and information systems security policies and procedures are being implemented as defined in security plans
Safeguards the network against unauthorized infiltration, modification, destruction, or disclosure.
May serve as a task or team lead; not a people manager
Performs other duties as required
WHAT YOU'LL NEED TO SUCCEED:
Education: BS/BA in Cyber Security, Information Security or Computer Science or a related technical discipline, or the equivalent combination of education, technical training, or work experience
Required Experience: 5+ years of related experience; Military and MTC experience preferred
Required Technical Skills:
Skilled in eMASS
Expert knowledge of the SCA-V process and inspection program
Expert understanding of NIST, DoD, & Army Cybersecurity & Risk Management Framework policies, directives, instructions, manuals, and best business practices
Certification: SEC+ is required
Security Clearance Level: TS/SCI
Required Skills and Abilities:
Appropriate DoD 8570.01-M baseline certifications as an IAT II is required
Knowledge of current industry methods for evaluating, implementing, and disseminating IT security assessment, monitoring, detection and remediation tools and procedures utilizing standards-based concepts and capabilities
Knowledge of disaster recovery continuity of operations plans
Knowledge of enterprise incident response program, roles, and responsibilities
Knowledge of network security architecture concepts including topology, protocols, components, and principles
Knowledge of server administration and systems engineering theories, concepts, and methods
Experience with VMware and Kali Linux
Experience with SolarWinds or similar discovery and analysis tools
Experience with vulnerability assessment tools (i.e. OpenVAS; Nessus)
Advanced knowledge of Network and Cybersecurity Architecture planning and maintenance support
Advanced experience in Cybersecurity documentation and auditing tools
Location: On Customer Site
GDIT IS YOUR PLACE:
At GDIT, the mission is our purpose, and our people are at the center of everything we do.
Growth: AI-powered career tool that identifies career steps and learning opportunities
Support: An internal mobility team focused on helping you achieve your career goals
Rewards: 401K with company match
Community: Award-winning culture of innovation and a military-friendly workplace
OWN YOUR OPPORTUNITY
Explore a career in information security at GDIT and you'll find endless opportunities to grow alongside colleagues who share your passion for the mission and delivering results.
The likely salary range for this position is $93,662 - $126,500. This is not, however, a guarantee of compensation or salary. Rather, salary will be set based on experience, geographic location and possibly contractual requirements and could fall outside of this range.
Our benefits package for all US-based employees includes a variety of medical plan options, some with Health Savings Accounts, dental plan options, a vision plan, and a 401(k) plan offering the ability to contribute both pre and post-tax dollars up to the IRS annual limits and receive a company match. To encourage work/life balance, GDIT offers employees full flex work weeks where possible and a variety of paid time off plans, including vacation, sick and personal time, holidays, paid parental, military, bereavement and jury duty leave. To ensure our employees are able to protect their income, other offerings such as short and long-term disability benefits, life, accidental death and dismemberment, personal accident, critical illness and business travel and accident insurance are provided or available. We regularly review our Total Rewards package to ensure our offerings are competitive and reflect what our employees have told us they value most.
We are GDIT. A global technology and professional services company that delivers consulting, technology and mission services to every major agency across the U.S. government, defense and intelligence community. Our 30,000 experts extract the power of technology to create immediate value and deliver solutions at the edge of innovation. We operate across 50 countries worldwide, offering leading capabilities in digital modernization, AI/ML, Cloud, Cyber and application development. Together with our clients, we strive to create a safer, smarter world by harnessing the power of deep expertise and advanced technology.
Join our Talent Community to stay up to date on our career opportunities and events at https://gdit.com/tc.
Equal Opportunity Employer / Individuals with Disabilities / Protected Veterans