Information System Security Officer (ISSO)

Public Trust: None

Requisition Type: Regular

Your Impact

Own your opportunity to work with the largest government agency in the nation. Make an impact by advancing the Department of Defense’s mission to keep our country safe and secure.

Job Description

GDIT is seeking a highly skilled and multi-faceted Information System Security Officer (ISSO) for a critical contract role supporting a commercial cloud service provider's mission-critical systems. This position requires the employee to report full time on site in McLean, VA.

The ideal candidate is a proactive and seasoned professional with extensive, hands-on experience navigating the FedRAMP, DoW Impact Level 6 (IL6), and Risk Management Framework (RMF) requirements for classified commercial cloud services and cross domain solutions. This role requires a unique blend of technical engineering prowess, security assessment and auditing skills, deep expertise in continuous monitoring, and the polish to communicate risk to executive leadership. You will be a key contributor to our Governance, Risk, and Compliance (GRC) program, supporting the Information System Security Manager (ISSM) and ISSO Lead in ensuring the unyielding security and integrity of mission-critical systems.

The ISSO will support the following key areas -

• RMF & Assessment and Authorization (A&A)

• Security Engineering & System Hardening

• Security Control Assessor (SCA) & Auditing

• Continuous Monitoring & GRC

Additionally, the ISSO will -

• Support Assessment & Authorization (A&A) execution for classified commercial cloud service offerings, and Cross Domain Solutions (CDS) as needed, through the entire respective FedRAMP/DoW IL6 and/or RMF lifecycles to obtain and maintain the applicable authorizations.

• Assist in maintaining a comprehensive body of evidence for A&A packages.

• Support the monthly and overall FedRAMP/DOD IL6, DoW CDS as needed, and IC Continuous Monitoring requirements.

• Work with security engineering to proactively identify and assess vulnerabilities related to scans, STIGs, security controls, etc.

• Support assessment preparation for security control audits, traditional security reviews, and formal inspections, including preparing for and executing FedRAMP/IL6 third-party assessment organization (3PAO) assessments, DoW CDS assessments as needed, and IC assessments. (Potential to support DCSA classified space assessments.)

• Meticulously review artifacts, logs, and system configurations to ensure they provide sufficient evidence of compliance.

• Coordinate and/or participate in security testing and penetration testing activities to provide an independent validation of the system's security posture.

WHAT YOU’LL NEED TO SUCCEED - REQUIRED:

Bring your cyber expertise and drive for innovation to GDIT. The ISSO must have:

● Security clearance level: Must possess a current and active Top Secret. (Personnel may be asked if they agree to be submitted for polygraph.)

● Certifications : Must be DoW 8140 / 8570.01-M compliant

● Education : BA/BS Degree or equivalent experience in lieu of degree

● Experience : 5+ years of related experience

● Technical skills:

----- Expert-level knowledge of the complete NIST SP 800 series (especially 800-37, 800-53, 800-30) and risk management principles.

----- Progressive experience in information assurance and cybersecurity roles.

----- Direct, hands-on experience as an ISSO or ISSM, with a proven track record of successfully supporting ATO for classified systems under IL6, DoW RMF, and/or ICD 503 policies.

----- Extensive, hands-on experience navigating the FedRAMP, DoW Impact Level 6 (IL6), and Risk Management Framework (RMF) requirements for classified commercial cloud services and cross domain solutions.

● Location : Onsite in McLean, VA

DESIRED QUALIFICATIONS:

● Certifications : CISSP (Certified Information Systems Security Professional)

GDIT IS YOUR PLACE

At GDIT, the mission is our purpose, and our people are at the center of everything we do.

● Growth: AI-powered career tool that identifies career steps and learning opportunities

● Support: An internal mobility team focused on helping you achieve your career goals

● Rewards: Comprehensive benefits and wellness packages, 401K with company match, and competitive pay and paid time off

● Community: Award-winning culture of innovation and a military-friendly workplace

OWN YOUR OPPORTUNITY

Explore a career in cyber at GDIT and you’ll find endless opportunities to grow alongside colleagues who share your focus on defending and protecting what matters.

Work Requirements

Years of Experience

5 + years of related experience

* may vary based on technical training, certification(s), or degree

Certification

Certified Information Systems Security Professional (CISSP) | International Information System Security Certification Consortium (ISC2) - International Information System Security Certification Consortium (ISC2)

Travel Required

Less than 10%

Citizenship

U.S. Citizenship Required