Security Control Assessor (Active Polygraph Required)
Type of Requisition:RegularClearance Level Must Be Able to Obtain:NonePublic Trust/Other Required:NoneJob Family:Information Security Required Skills Experience in executing scans using vulnerability scanning tools to include Nessus, AppDetective, WebInspect and other vulnerability scanners Experience with using compliance and risk management tools such XACTA, Splunk, Continuum Strong understanding of NIST SP 800-53, RMF, CNSSI 1253, NISPOM,NIST SP 800-137 Ability to continuously monitor systems to ensure security controls are implemented, operate as intended, produce desired outcomes, provide appropriate risk posture and ensure all enterprise systems are protected Understand how to execute enterprise auditing and oversight Ability to monitor the security performance of enterprise systems Experience with identifying, assessing, and reporting on security relevant changes and how they impact systems Experience with Security Technical Implementation Guides (STIGs) and Security Content Automation Protocol (SCAP) Compliance Checker (SCC) Creates and maintains documentation to include internal processes, procedures, relevant instructions, policies, and guidance Strong project management skills to include creating schedules and presentations, identifying project risks, and outlining project plans Strong technical writing skills Demonstrated experience with cyber security concepts to include encryption services, access control, information protection, network security Experience with AWS and Azure cloud security compliance Knowledgeable of various cloud services to include Infrastructure as a Service, Platform as a Service, Software as a Service Experience with driving cloud security engineering, serving as an interface to governance, compliance, and risk management teams to ensure the system consistently meets the requirements for certification and accreditation Provide expertise in designing and managing IT Security strategy including both infrastructure and applications Ability to provide support to system security assessment of cloud-based systems Desired Skills Splunk Certifications to include User, Power User, Advanced Power User Security Certifications to include CISSP, CISM, CISA, CEH, NCSF, CAP Cloud Security Certifications in Amazon and Azure Demonstrated experience in IT best practices regarding application, enterprise system, and network security Demonstrated experience in identifying and managing risk in an enterprise environment Possesses strong analytical and problem solving skills Possesses excellent interpersonal, organizational, writing, communications and briefing skills Knowledge of FISMA for input to annual audit tasks/#DPOST/#CJPOST/#ISDCJ/#ComebackGDIT/#OpportunityOwned/#GDITCareers/#GDITLife/#WeAreGDITnull We are GDIT. The people supporting some of the most complex government, defense, and intelligence projects across the country. We deliver. Bringing the expertise needed to understand and advance critical missions. We transform. Shifting the ways clients invest in, integrate, and innovate technology solutions. We ensure today is safe and tomorrow is smarter. We are there. On the ground, beside our clients, in the lab, and everywhere in between. Offering the technology transformations, strategy, and mission services needed to get the job done. GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.