Type of Requisition: Regular
Clearance Level Must Currently Possess: None
Clearance Level Must Be Able to Obtain: None
Public Trust/Other Required: NACI (T1)
Job Family: Cyber and IT Risk Management
Job Qualifications:
Skills: Cloud Applications, Regulatory Applications, Security Compliance Assessment, Security Evaluations, System Security
Certifications: None
Experience: 2+ years of related experience
ship Required: No
Job Description:
Advance your career while impacting our national security in cyber as a Cybersecurity Engineer at GDIT. Here, technologists have many paths to grow a meaningful career supporting cyber missions and operations across the federal government.
As a Cybersecurity Engineer, the work you'll do at GDIT will be impactful to the mission of our client, the Division of Federal Systems (DFS) for the Office of Child Support Enforcement (OCSE). You will play a crucial role in:
- Conducting and coordinating security reviews and audits of federal and non-federal data exchange partners that access or host OCSE data. Duties include reviewing partner security documentation, performing site audits, ensuring compliance with HHS/ACF and OCSE security requirements, maintaining audit templates, and supporting Federal Agency Redisclosure Site Security Reviews as needed.
- Providing security engineering support to the Security Team in responding to external audits. Responsibilities include assisting OCSE staff in preparing audit responses, coordinating with external auditors, and providing documentation and evidence to address audit inquiries and findings.
- Providing security engineering expertise and guidance to design and development teams to ensure compliance with Federal mandates, OMB and NIST guidelines, and HHS/ACF/FPLS security requirements.
- Participating in routine and on-demand system and application vulnerability scanning, documenting findings and recommendations, and presenting analysis of results to stakeholders.
- Participating in the continuous monitoring of FPLS systems and applications in support of the security authorization process through system development life cycle, risk assessments, vulnerability testing, inventory and configuration audits, technical and physical assessments, and development of security documentation.
- Documenting and tracking internal POAMs for DFS systems and applications.
- Assisting in the development and delivery of Security Awareness Training as required.
- Providing security engineering support to incident response activities by analyzing and correlating security events, assessing technical impact, implementing corrective and preventive measures, coordinating with site personnel, and ensuring proper collection and preservation of digital evidence for investigations.
- Supporting security engineering efforts by integrating information security policies and controls into network and system design, collaborating with the security team to ensure consistent application of information assurance principles, and promoting user awareness and adherence to established security policies and procedures.
- Promoting organizational security awareness by integrating sound security principles into strategic goals, researching emerging threats and vulnerabilities, and supporting the publication of security alerts, advisories, and bulletins to keep stakeholders informed and proactive.
- Developing policies and procedures to ensure information systems reliability and accessibility and to prevent and defend against unauthorized access to systems, networks, and data.
Required Skills:
- At least 2 years of professional work experience in a cybersecurity role.
- Demonstrated experience and understanding of Information Assurance in the following specialties: Internet and Intranet Applications and Authentication; and Physical, Personnel, Network, Computer, Information, Operational, Administrative, and Communications Security.
- Experience handling multiple tasks simultaneously, and the ability to work independently in a high stress environment with an orientation towards customer service.
- Strong background in governance, risk, and compliance (GRC), including oversight of security agreements and regulatory recertifications.
- Expertise in multi-stakeholder collaboration, partnering with federal, state, and industry entities on providing advisory assistance for data protection and cloud modernization initiatives.
- Experience developing and standardizing security assessment frameworks and documentation.
- Strategic capability in sustaining enterprise-wide security posture through proactive planning and continuous improvement.
- Demonstrated expertise in conducting risk and vulnerability assessments, supporting security audits and compliance reviews, and performing partner/contractor site security assessments.
- Exceptional written and verbal communication skills; a writing sample will be requested.
Desired Skills:
- Security or IT certifications (e.g., CISSP, CISA, etc.).
- Knowledge of cloud computing and web application vulnerability scanning tools such as IBM AppScan.
- Knowledge of the Child Support Enforcement program and system operations.
- Experience handling sensitive data sources and distribution of data containing personally identifiable information.
The likely salary range for this position is $102,000 - $138,000. This is not, however, a guarantee of compensation or salary. Rather, salary will be set based on experience, geographic location and possibly contractual requirements and could fall outside of this range.
Scheduled Weekly Hours: 40
Travel Required: Less than 10%
Telecommuting Options: Remote
Work Location: Any Location / Remote
Additional Work Locations:
Total Rewards at GDIT:
Our benefits package for all US-based employees includes a variety of medical plan options, some with Health Savings Accounts, dental plan options, a vision plan, and a 401(k) plan offering the ability to contribute both pre- and post-tax dollars up to the IRS annual limits and receive a company match. To encourage work/life balance, GDIT offers employees full flex work weeks where possible and a variety of paid time off plans, including vacation, sick and personal time, holidays, paid parental, military, bereavement and jury duty leave. GDIT typically provides new employees with 15 days of paid leave per calendar year to be used for vacations, personal business, and illness and an additional 10 paid holidays per year. Paid leave and paid holidays are prorated based on the employee's date of hire. The GDIT Paid Family Leave program provides a total of up to 160 hours of paid leave in a rolling 12-month period for eligible employees. To ensure our employees are able to protect their income, other offerings such as short and long-term disability benefits, life, accidental death and dismemberment, personal accident, critical illness and business travel and accident insurance are provided or available. We regularly review our Total Rewards package to ensure our offerings are competitive and reflect what our employees have told us they value most.
We are GDIT. A global technology and professional services company that delivers consulting, technology and mission services to every major agency across the U.S. government, defense and intelligence community. Our 30,000 experts extract the power of technology to create immediate value and deliver solutions at the edge of innovation. We operate across 50 countries worldwide, offering leading capabilities in digital modernization, AI/ML, Cloud, Cyber and application development. Together with our clients, we strive to create a safer, smarter world by harnessing the power of deep expertise and advanced technology.
Join our Talent Community to stay up to date on our career opportunities and events at gdit.com/tc.
Equal Opportunity Employer / Individuals with Disabilities / Protected Veterans