IS Security Engineer (ISSE), TS/SCI with Polygraph

Information Systems Security Engineer (ISSE)

We are seeking an experienced Information Systems Security Engineer (ISSE) to support Assessment and Authorization (A&A) and Continuous Monitoring (ConMon) activities, ensuring compliance with Risk Management Framework (RMF) requirements across multi-level classification environments with diverse technologies.

Key Responsibilities

The ISSE will play a critical role in maintaining system security by tracking and executing RMF actions in accordance with ICD 503 (NIST 800-53) to obtain and sustain system authorizations. Responsibilities include:

• Assessment & Authorization (A&A):
  • Preparing and submitting Interim Authorization to Test (IATT) and Authority to Operate (ATO) requests with Plans of Action and Milestones (PoAMs)
  • Developing, maintaining, and coordinating required Body of Evidence (BoE) documentation for system assets
  • Collaborating across Technical Services and Security Services teams, as well as customer agency stakeholders, to ensure compliance
  • Tracking workflow for lien remediation/resolution activities and entering tracking tool updates
  • Evaluating system change requests and assessing both system and organizational risks associated with modifications
• Continuous Monitoring (ConMon):
  • Executing ConMon activities within established timelines, including BoE collection and tracking tool updates
  • Conducting recurring reviews of system state and security posture to ensure that systems are being operated securely, and information systems security policies and procedures are being implemented as defined.
  • Providing recommendations for security control implementation and identifying necessary countermeasures or mitigating controls
  • Responding to queries and requests for security information and reports
• Incident Response & Security Oversight:
  • Supporting investigations of security incidents and reporting findings as necessary
  • Assisting in the communication, implementation and enforcement of security policies and plans for data, applications, hardware, and telecommunications systems
  • Advising stakeholders on information assurance standards, dependencies, and emerging security technologies
  • Engaging with Enterprise Security Services tools (e.g., Trellix, ACAS, Splunk) to track and remediate vulnerabilities and compliance deficiencies

Required Qualifications

• Education: Bachelor's degree in Information Systems, Cybersecurity, or a related field (or equivalent experience)
• Experience: Minimum of 4 years of applicable experience in cybersecurity, RMF compliance, or system security engineering
• Certifications:
  • Required: DoD 8570 IAM Level I certification (CAP, CND, Cloud+, GSLC, Security+ CE, or HCISPP) - must be active and valid
  • Preferred: IAM Level II certification (CAP, CASP+ CE, CISM, CISSP (or Associate), GSLC, CCISO, or HCISPP)
• Preferred Skills:
  • Experience with cloud security implementations in Azure or AWS
  • Strong understanding of security policies, risk management, and vulnerability assessment tools

Why Join GDIT?

At GDIT, we foster professional growth and provide opportunities to advance your career in a mission-critical environment. Our benefits include:

• 401(k) with company match
• Comprehensive health and wellness programs
• Dedicated internal mobility team to support career advancement
• Paid education and professional certification opportunities
• Access to cutting-edge technologies and innovative projects
• Paid vacation and holidays to support work-life balance

Join us at GDIT and contribute to securing the future of national security.

#GDITcareers

#OpportunityOwned

#WeAreGDIT

#transitioningmilitary

#clearedjobs

#veterans

#Autobots

Work Requirements