"Alerted.org

**Req ID:** RQ211839

**Type of Requisition:** Regular

**Clearance Level Must Be Able to Obtain:** None

**Public Trust/Other Required:** BI Full 6C (T4)

**Job Family:** Cyber and IT Risk Management

Skills:

Amazon Web Services (AWS) Security,IT Security Architecture,NIST 800 Series,Risk Assessments,Security Analysis

Experience:

5 + years of related experience

Job Description:

We are GDIT. The people supporting and securing some of the most complex government, defense, and intelligence projects across the country. We ensure today is safe and tomorrow is smarter. Our work has meaning and impact on the world around us, but also on us, and that’s important.

GDIT is your place. You make it your own by embracing autonomy, seizing opportunity, and being rusted to deliver your best every day.

We think. We act. We deliver. There is no challenge we can’t turn into opportunity and our work depends on an **Information System Security Officer (ISSO)** to support the Centers for Medicare and Medicaid Services (CMS) Center for Consumer Information & Insurance Oversight (CIIO) Customer Relations Management System (CCRMS), supporting customer service efforts related to back-office functions of the ACA and the Marketplace. Work visa sponsorship will not be provided for this role.

At GDIT, people are our differentiator. As an ISSO supporting CCRMS, you will be a part of a security team that supports projects' information security needs and provides advisory services to the project team and client personnel to comply with a federal agency's comprehensive security program and the National Institute of Standards and Technology (NIST) Risk Management Framework (RMF). In this role, a typical day might include:

+ Reviewing security documentation including but not limited to system security plan (SSP), risk assessment (RA), contingency plan (CP), privacy impact assessment (PIA), eAuthentication assessment, and FIPS categorization providing recommendations and areas of improvement.

+ Providing support for the security life cycle of applications to the project teams and client stakeholders.

+ Providing advice and guidance on the implementation of network/system/software security in accordance with mandates and other directives.

+ Collaborating with the project team(s) to support security activities.

+ Assisting with identifying and mitigating risks.

+ Conducting security impact assessments and advises managers and stakeholders of results.

+ Assisting software development team to reduce security risks in database application development projects

WHAT YOU'LL NEED TO SUCCEED:

+ Bachelor’s degree and 5+ years of directly related experience in Information Security/Assurance.

+ 3+ years of experience with AWS security services.

+ Experience with NIST 800 series of Special Publications, disaster/contingency planning, risk assessment, and the NIST Risk Management Framework

+ Experience with Information Security practices, networks, software, and hardware, computer programming, operating systems.

+ Experience with computer desktop packages such as Microsoft Word, Excel, etc.

+ Exceptional communication and interpersonal skills with experience working with all levels of program and client project team members and the ability to establish and maintain a strong customer-focused working relationship.

+ Experience developing and maintaining security-related documentation and deliverables, including System Security Plan (SSP), Security Impact Analysis (SIAs), Information System Risk Assessment (ISRA), Privacy Impact Assessment (PIA), and Incident Response Plan (IRA).

+ Experience with Security architecture.

+ One or more security-related certification, such as CISSP or Security+ Hands-on experience using JIRA and Confluence **.**

+ Candidate must be able to obtain Public Trust (T4) clearance.

+ Candidate must have lived in the United States at least three (3) out of the last five (5) years.

DESIRED QUALIFICATIONS AND EXPERIENCE:

+ Salesforce experience.

+ Experience supporting the Centers for Medicare and Medicaid Services (CMS) and/or the healthcare industry.

+ Experince with CMS Acceptable Risks and Safeguards and CMS Information System Security policies and procedures

+ Experience with RSA Archer Assessment and Authorization and DISA Security Technical Implementation Guides

+ Hands-on experience wtith end point security and vulnerability scanning tools

+ Detail oriented, with strong follow-up skills to ensure completion of tasks (e.g., ability to track failed test cases and ensure that the technical resolution is completed and re-tested).

+ Excellent knowledge of industry best practices, trends, and difficulties.

+ Ability to work independently and interact regularly with government and non-government stakeholders at multiple levels of authority.

+ Works well as a team member in a fast-paced and often time-sensitive environment.

GDIT IS YOUR PLACE

At GDIT, the mission is our purpose, and our people are at the center of everything we do.

+ Growth: AI-powered career tool that identifies career steps and learning opportunities

+ Support: An internal mobility team focused on helping you achieve your career goals

+ Rewards: Comprehensive benefits and wellness packages, 401K with company match, and competitive pay and paid time off

+ Community: Award-winning culture of innovation and a military-friendly workplace

OWN YOUR OPPORTUNITY

Explore a career in program management at GDIT and you’ll find endless opportunities to grow alongside colleagues who share your passion for the mission and delivering results.

The likely salary range for this position is $85,093 - $115,000. This is not, however, a guarantee of compensation or salary. Rather, salary will be set based on experience, geographic location and possibly contractual requirements and could fall outside of this range.

Our benefits package for all US-based employees includes a variety of medical plan options, some with Health Savings Accounts, dental plan options, a vision plan, and a 401(k) plan offering the ability to contribute both pre and post-tax dollars up to the IRS annual limits and receive a company match. To encourage work/life balance, GDIT offers employees full flex work weeks where possible and a variety of paid time off plans, including vacation, sick and personal time, holidays, paid parental, military, bereavement and jury duty leave. GDIT typically provides new employees with 15 days of paid leave per calendar year to be used for vacations, personal business, and illness and an additional 10 paid holidays per year. Paid leave and paid holidays are prorated based on the employee’s date of hire. The GDIT Paid Family Leave program provides a total of up to 160 hours of paid leave in a rolling 12 month period for eligible employees. To ensure our employees are able to protect their income, other offerings such as short and long-term disability benefits, life, accidental death and dismemberment, personal accident, critical illness and business travel and accident insurance are provided or available. We regularly review our Total Rewards package to ensure our offerings are competitive and reflect what our employees have told us they value most.

We are GDIT. A global technology and professional services company that delivers consulting, technology and mission services to every major agency across the U.S. government, defense and intelligence community. Our 30,000 experts extract the power of technology to create immediate value and deliver solutions at the edge of innovation. We operate across 50 countries worldwide, offering leading capabilities in digital modernization, AI/ML, Cloud, Cyber and application development. Together with our clients, we strive to create a safer, smarter world by harnessing the power of deep expertise and advanced technology.

Join our Talent Community to stay up to date on our career opportunities and events at https://gdit.com/tc.

Equal Opportunity Employer / Individuals with Disabilities / Protected Veterans