Date Posted: March 20, 2020
Travel Required: Less than 10%
Requisition Type: Regular
GDIT is seeking cyber security professional engineers. These professionals will use their cyber security knowledge, experience and certifications to support the Risk Management Framework (RMF) process, Steps 1 through 6. This includes writing and reviewing technical documentation and procedures that support the Assessment & Authorization (A&A) process for obtaining a Cloud ATO. After the ATO is obtained, the candidate must be able to operate in the maintenance and sustainment phase of RMF and support new concepts of Continuous Monitoring (CONMON) and on-going risk mitigation. This is done under the direction of the Cloud First DON CIO memo dated March 2017.
GDIT has created a Cloud Cyber Security Stack that supports DoD cloud based applications for Amazon Web Services (AWS) and Microsoft Azure service providers. GDIT is creating a portal that allows Mission Owners to migrate to the cloud. Implementation of the Cyber Security Stack and hosting of mission owners / application owners is happening at this time. Be a part of this exciting migration from client server technologies, to the new challenges of cloud hosting technologies such as IaaS, PaaS, CaaS and others. Come be a part of the GDIT Cloud Cyber Team!
The successful candidate will be able to support all A&A, ATO, FedRAMP and other government authorization and risk processes. This includes both the infrastructure boundary and the ability to support migrations and installations of applications from client server to a cloud environment. An understanding of access control technologies such as CAC or other dual authentication capabilities is required, as is work done in eMASS for RMF workflow updates, DADMS for application authorizations and DITPR-DON for program compliance.
The ability to work directly with customers in support of these activities is important. This position may require the candidate to brief status or technical solutions to executive management or the government customer. Some travel may be required.
Location Preference - Candidate may be able to support this effort located in one of four geographical locations:
Bossier City, LA
San Diego, CA
Virginia Beach, VA
- Lead RMF ATO, A&A, according to FedRAMP and other compliance aspects for both the hosting infrastructure and applications
- Work with the architectural and engineering teams to ensure that design and engineering decisions comply with A&A requirements
- Work with the government authorization team to drive all security deliverables to be properly documented and delivered
- Work closely with the architecture teams to ensure that all design considerations include A&A requirements
- Interview technical Cloud engineering teams to create technical documentation that supports the RMF process
- Interaction with application Mission Owners - The ability to assess authorizations of other Mission Owners. Be able to work with inheritance models so controls are covered
- The ability to work with scan engines, ACAS, apply STIGs where necessary
- An understanding of HBSS, RBAC and Access Control technologies that will be tested and placed into operation
- Risk – mitigations, residual
- BS or five years’ experience in the Cyber security or IT fields or seven years w/o degree
- 5+ years’ experience in DoD / FedRAMP DIACAP, RBC and/or RMF A&A Activities
- Understanding of DoD standards for cloud security such as SCCA, SACA, SRG and FedRAMP
- 2+ Years’ experience working with STIGs and compliance engines
- 2+ years’ experience with industry in two or more technologies such as:
b. Intrusion Prevention / Intrusion Detection
c. Web Application Firewall
d. Reverse Proxy
e. Full Packet Capture
f. SSL Inspection
g. End Point Protection
h. Vulnerability Scanning
i. Event Management
k. ACAS, HBSS, scanning technologies
- Excellent written and verbal communication skills
- Secret Clearance
- Security + (S+) Certification
- US Citizenship
- Experience with government cloud providers such as AWS GovCloud and Azure Government
- CISSP Certification, working towards CISSP or desire to obtain CISSP
- CCSP Certification, working towards CCSP or desire to obtain CCSP
- Certifications in AWS or MS Azure technologies
- Other certifications related to Linux or MS
- Experience in Agile, DevOps or SecDevOps capabilities
- On-going maintenance and compliance, leading to CONMON automated monitoring
We are GDIT. The people supporting some of the most complex government, defense, and intelligence projects across the country. We deliver. Bringing the expertise needed to understand and advance critical missions. We transform. Shifting the ways clients invest in, integrate, and innovate technology solutions. We ensure today is safe and tomorrow is smarter. We are there. On the ground, beside our clients, in the lab, and everywhere in between. Offering the technology transformations, strategy, and mission services needed to get the job done.
GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.