Experience Inc. Jobs

Req ID: RQ173502

Type of Requisition: Regular

Clearance Level Must Be Able to Obtain: Top Secret SCI + Polygraph

Public Trust/Other Required: None

Job Family: Information Security

Skills:

Operational Technology (OT),RMF,Security Content Automation Protocol (SCAP),Security Technical Implementation Guides (STIGs),Supervisory Control and Data Acquisition (SCADA)

Experience:

8 + years of related experience

US Citizenship Required:

Yes

Job Description:

Seize your opportunity to make a personal impact as a Security Control Assessor supporting customer activities. GDIT is your place to make meaningful contributions to challenging projects and grow a rewarding career.

At GDIT, people are our differentiator. As a Security Control Assessor, you will help ensure today is safe and tomorrow is smarter. Our work depends on a Security Control Assessor joining our highly skilled team to be a premier provider of cyber security services to the customer. We provide consummate cyber security risk management “as a service” platform across multiple fabrics and centers. We have responsibility to ensure operational IT capabilities provide the client with necessary timeliness, accuracy and security of information demanded from all our highly professional roles. Be the change, lead our change – join us!

HOW A SECURITY CONTROL ASSESSOR WILL MAKE AN IMPACT

• Performs all procedures necessary to ensure the safety of information systems assets and to protect systems from intentional or inadvertent access or destruction.

• Evaluates the security controls within network systems to identify vulnerabilities and recommend actions to correct problems working either alone or as part of a team.

• Ensures integrity of IT systems by identifying and mitigating potential avenues of exploitation including system level attacks and user level attacks.

• Applies experience with RMF, CNSSI 1253, NIST SP 800-53, and NISPOM

• Applies experience with Security Technical Implementation Guides (STIGs) and Security Content Automation Protocol (SCAP) Compliance Checker (SCC)

• Demonstrated experience conducting hands on security testing, analyzing results, documenting risks, and recommending countermeasures

• Demonstrated experience developing risk assessment reports based on review of security plans and interviews with developer/customer assess systems against information assurance policies, regulations and instructions

• Demonstrated experience providing threat analysis based on identified security vulnerabilities

• Develops and documents security evaluation test plans and procedures

• Demonstrated experience testing security architectures of cloud-based systems and applications, identifying vulnerabilities and providing security remediation

• Familiarity with securing Operational Technology (OT), including supervisory control and data acquisition {SCADA), distributed control systems {DCS), programmable logic controllers (PLCs), and physical access control systems {PACSs) while addressing their unique performance, reliability, and safety requirements.

WHAT YOU’LL NEED TO SUCCEED:

• Education : Bachelor's Degree (Computer Engineering, Computer Science, Electrical Engineering, Information Systems, Information Technology, Cybersecurity, or a closely related discipline)

• Required Experience : 10+ yrs

• Clearance : TS/SCI with Polygraph

• Required Technical Skills:

• Familiarity with NIST SP 800-82 "Guide to Operational Technology (OT) Security", to include typical system topologies, common threats and vulnerabilities, methods and techniques for securing OT systems and countermeasures to mitigate associated risk.

• Expertise in conducting risk-based assessments within Operational Technology (OT) systems including the identification of potential threats, vulnerabilities, regulatory compliance, documentation/reporting, and impacts on critical operations

• Deep understanding of various Operational Technology (OT) systems, architectures and components and security assessment tools/resources such as MITRE ATT&CK for Industrial Control Systems and the National Vulnerability Database (NVD)

• Compliance and vulnerability scanning tools (XACTA, RedSeal, Nessus, Splunk, McAfee ePO, and/or other vulnerability scanners)

• Strong understanding of the Assessment and Authorization (A&A) process

• Excellent oral and technical writing skills

• Desired Certifications:

• CASP, CCNP Security, CISA, CISSP, GCED, or GCIH

• Security Clearance Level : TS/SCI with active polygraph

• Location : McLean, VA - On Customer Site

#OpportunityOwned

#GDITCareers

#WeAreGDIT

#JET

#IntelAprilCampaignReqs

GDIT IS YOUR PLACE:

• 401K with company match

• Comprehensive health and wellness packages

• Internal mobility team dedicated to helping you own your career

• Professional growth opportunities including paid education and certifications

• Cutting-edge technology you can learn from

• Rest and recharge with paid vacation and holidays

We are GDIT. A global technology and professional services company that delivers consulting, technology and mission services to every major agency across the U.S. government, defense and intelligence community. Our 30,000 experts extract the power of technology to create immediate value and deliver solutions at the edge of innovation. We operate across 30 countries worldwide, offering leading capabilities in digital modernization, AI/ML, Cloud, Cyber and application development. Together with our clients, we strive to create a safer, smarter world by harnessing the power of deep expertise and advanced technology.

We connect people with the most impactful client missions, creating an unparalleled work experience that allows them to see their impact every day. We create opportunities for our people to lead and learn simultaneously. From securing our nation’s most sensitive systems, to enabling digital transformation and cloud adoption, our people are the ones who make change real.

GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.