Information Systems Security Officer

Type of Requisition:
Regular

Clearance Level Must Currently Possess:
None

Clearance Level Must Be Able to Obtain:
None

Public Trust/Other Required:
None

Job Family:
Cyber and IT Risk Management

Job Qualifications:

Skills:
Security Information, Security Monitoring, Security Requirements, Security System Design, System Security
Certifications:
None
Experience:
7 + years of related experience
ship Required:
No

Job Description:

Seize your opportunity to make a personal impact as an Information Systems Security Officer supporting the Case Management Modernization (CMM) Program. The CMM program is an initiative to support the Administrative Office of the US Courts (AO) in developing a modern cloud-based solution to support all 204+ federal courts across the United States.

GDIT is your place to make meaningful contributions to challenging projects and grow a rewarding career. The Information Systems Security Officer will work as part of the CMM Enterprise Data Warehouse (EDW) team to deploy a secured cloud-native EDW platform and support the statutory and operational reporting, data cataloging, and other analytical objectives.

RESPONSIBILITIES:

• Provide subject matter expertise for implementing secure by design concept into development to include security design principles, data protection, threat and vulnerability management, compliance and governance, threat and vulnerability management, and performance risk assessments.
• Provide an advanced level of information security expertise needed to solve difficult challenges pertaining to the design and implementation of information security solutions, which may include, but is not limited, to networking, operating system, application and database security relative to both techniques and technologies.
• Identify, document, and automate the integration of security controls into the enterprise architecture and system development life cycle process enabling ongoing (continuous) security monitoring, automated security authorization, and transparent risk reporting.
• Gain organizational approval for the design and architecture of security requirements for cloud environment including the DWaaS component. Implement and maintain upon approval.
• Design, implement and maintain layered system security architectures encompassing software, hardware, and communications to support the requirements and provide for present and future cross-functional needs and interfaces.
• Provide subject matter expertise and hands-on guidance to teams for embedding secure-by-design principles throughout the product lifecycle, including threat modeling and secure coding practices.
• Design and implement cloud workloads, services, databases, etc. with security as a primary consideration, including network segmentation, granular access control, data protection, and encryption and zero trust principles.
• Integrate automated security testing in the CI/CD pipelines enabling real-time feedback and rapid remediation of vulnerabilities during development and deployment.
• Collaborate with the AO Information System Security Office (ISSO) to schedule periodic penetration testing and conduct vulnerability assessments.
• Provide monthly and ad hoc reports on identified vulnerabilities, remediation actions, and security breaches covering all access layers (database, application, infrastructure). Include trend analysis and recommendations for continuous improvement.
• Maintain a risk register and track mitigation process.
• Propose, implement, and validate security risk mitigation activities for all non-production and production environments with documented evidence of effectiveness.
• Validate successful implementation of risk mitigation activities for all non-production and production environments.
• Develop and maintain all Cloud Security Documentation: System Security Plan, Business Continuity Analysis, Disaster Recovery Plan, other documents required for Authority to Operate (ATO).
• Create and maintain a Cloud Security Roadmap, provide updates quarterly and obtain organizational approval for all security architecture and design artifacts.
• Implement and document technical and administrative controls to protect sensitive data from unauthorized internal access, including logging, monitoring, and access reviews.
• Provide operational support for identity and access management (IAM) with granular role-based access controls, integration with on-premises identity management solutions in accordance with Judiciary enterprise security standards and cloud identity solutions and enable product teams to maintain a private image catalog for team specific isolation.
• Support secure design and operation of multi-segment networks, multiple subnets, and virtual network routing, with regular security assessments and documentation.
• Provide product teams with and enforce approved standards for logging and data retention, ensuring logs are protected, searchable, and compliant with regulatory requirements.
• Document and maintain Standard Operating Procedures (SOPs) for cyber security.
• Automate repetitive security tasks (e.g., patching, compliance checks, incident response) to improve efficiency and reduce human error.
• Implement regular reviews and updates of security controls, policies, and procedures to address emerging threats and technological changes.
• Implement regular reporting on security KPIs (e.g., mean time to detect/respond, vulnerability remediation time, compliance status) to demonstrate effectiveness and inform decision-making.
• Establish a process for ongoing assessment and improvement of governance controls.
• Provide guidance and recommendations to stakeholders for containment, validation, and eradication, and support remediation and recovery of incidents (including coordination, documentation, timeline tracking, and resource identification/utilization).

REQUIRED EXPERIENCE & QUALIFICATIONS:

• 7+ years of experience project leadership in monitoring computer networks and security issues, investigating and resolving security and cybersecurity incidents.
• Bachelor's degree in Computer Science, Computer Programming, Computer Engineering or relevant computer-based major.
• Preferred: Certified Information Systems Security Professional (CISSP).
• Preferred: Architect certification from at least one of the cloud service providers (CSPs).
• Experience in documenting security incidents and performing security vulnerability assessments.
• Experience working with Agile teams and SAFe to perform testing and uncovering system and network vulnerabilities.
• Strong working experience in AWS Cloud Security (Certification is preferred) (3+ years' experience).
• Required past ATO experience in AWS environment for large agency. (4+ years' experience).
• Required solid understanding of NIST Standards.
• Experience with the ATO process, FedRAMP, CIS, ISO 27001. (4+ years).
• Solid understanding on ICAM, SIEM, Vulnerability management tools.
• Experience with CSAM or similar tools.

The likely salary range for this position is $127,500 - $172,500. This is not, however, a guarantee of compensation or salary. Rather, salary will be set based on experience, geographic location and possibly contractual requirements and could fall outside of this range.

Scheduled Weekly Hours:
40

Travel Required:
None

Telecommuting Options:
Remote

Work Location:
USA DC Washington

Additional Work Locations:

Total Rewards at GDIT:
Our benefits package for all US-based employees includes a variety of medical plan options, some with Health Savings Accounts, dental plan options, a vision plan, and a 401(k) plan offering the ability to contribute both pre and post-tax dollars up to the IRS annual limits and receive a company match. To encourage work/life balance, GDIT offers employees full flex work weeks where possible and a variety of paid time off plans, including vacation, sick and personal time, holidays, paid parental, military, bereavement and jury duty leave. To ensure our employees are able to protect their income, other offerings such as short and long-term disability benefits, life, accidental death and dismemberment, personal accident, critical illness and business travel and accident insurance are provided or available. We regularly review our Total Rewards package to ensure our offerings are competitive and reflect what our employees have told us they value most.

We are GDIT. A global technology and professional services company that delivers consulting, technology and mission services to every major agency across the U.S. government, defense and intelligence community. Our 30,000 experts extract the power of technology to create immediate value and deliver solutions at the edge of innovation. We operate across 50 countries worldwide, offering leading capabilities in digital modernization, AI/ML, Cloud, Cyber and application development. Together with our clients, we strive to create a safer, smarter world by harnessing the power of deep expertise and advanced technology.

Join our Talent Community to stay up to date on our career opportunities and events at
gdit.com/tc.

Equal Opportunity Employer / Individuals with Disabilities / Protected Veterans