Cyber Compliance Officer
General Dynamics Information Technology
$119,000 - $161,000
Posted Sep 23 Job Description:
Type of Requisition:
Regular
Clearance Level Must Currently Possess:
Secret
Clearance Level Must Be Able To Obtain:
Secret
Suitability:
Public Trust/Other Required:
None
Job Family:
Cyber Security
Skills:
Job Qualifications:
Cyber Defense, Cybersecurity, Enterprise IT, Information Assurance, Information Technology (IT)
Certifications:
Security CE + - Comptia CERT
Experience:
4 + years of related experience
US Citizenship Required:
Yes
Job Description:
We are GDIT. We stay at the forefront of innovation to solve complex technical challenges.
GDIT is your place. Make it your own by discovering new ways to apply the latest technologies securely and expertly. Own your opportunity at GDIT and you’ll be a meaningful part of improving how agencies operate. Our work depends on a Cyber Compliance Officer joining our team to support Guard Enterprise Cyber Operations Support (GECOS) program in Falls Church, VA.
At GDIT, we foster a people-centric environment. As a Cyber Compliance Officer, you will support compliance through performing security services in accordance with applicable DoD and Army cybersecurity guidance and regulations.
This is an IT Service Management contract in support of the operation, modernization, expansion, and further evolution of the ARNG’s global Information Technology (IT) services including networking, compute, storage, infrastructure, applications, hosting, and program management services. The GECOS program supports the ARNG enterprise IT infrastructure, its Wide Area Network (WAN), authentication and directory services, cybersecurity, application hosting, and associated services. GECOS uses ITIL best practices framework as the basis for IT Service Management (ITSM) model.
To be successful in this position you need to be collaborative and willing to work within a team. While you will need to be a self-starter completing tasks on your own, working together is critical in this role. You will be interfacing with the client and senior staff. Therefore, you should be articulate in your communications because your opinion matters. You will need to explain technical intricacies in a way that is easily understood.
The Work Includes The Following:
- Providing RMF support to the 54 supported organizations (i.e., 50 states, three territories, and the District of Columbia) Installation Campus Area Networks (ICANs) and HQ Enterprise investments where applicable. This support includes eMASS system record reviews.
- Provide RMF SME support to the 54 in the form of customer training and briefs, managing multiple states simultaneously and briefing the Program Information System Security Manager (P-ISSM) on progress, hurdles, and roadblocks as they arise.
- Providing RMF Support to the 54 for Steps 0 – 3, 5 & 6:
- Step 0 – providing customer(s) with RMF SME Roles & Responsibilities training.
- Step 1 – Providing customers with guidance on how to execute the categorization of their system / ICAN
- Step 2 – Providing customers with guidance on how to choose the security control baseline for their system / ICAN
- Step 3 – Providing customers guidance on how to conduct security control implementation and delegating technology areas in eMASS
- Step 5 – Supporting submission of ATO package artifacts to the Authorizing Official for ATO / risk recommendations
- Step 6 – Support customer in enabling strategies and following guidance to execute continuous monitoring (ConMon) responsibilities.
- Maintaining Supporting cybersecurity compliance requirement identification to follow regulatory guidance for IT investments of the 54 and the DoDIN-A(NG) and DoDIN-A(NG)-S networks and computing services.
- Ensure the 54 are adhering to all Department of Defense (DoD) enterprise security requirements to include those required by the Defense Information Systems Agency (DISA) and the Department of the Army (DA); prepping for and passing Command Cyber Readiness Inspections (CCRIs), obtaining and maintaining Authority to Connect (ATC) and Authority to Operate (ATO) from the Designated Approving Authority (DAA); ensuring compliance with all Secure Technical Implementation Guides (STIGS) and required information assurance (IA) controls.
- Ensuring that the 54 comply with Army directives and mandates and are in keeping with the future Joint Information Environment (JIE) architecture.
The Cyber Compliance Officer Will:
- Measures ARNG compliance with cybersecurity requirements and recommends cybersecurity program operational execution activities, processes, and practices.
- Assists the Government with ensuring the secure configuration and preparation for approval of IT below the system level in the form of Software Assurance across the 54 and in coordination with the RCC-NG in accordance with applicable guidance prior to acceptance into, or connection to, an Army IS and the DoDIN-A(NG).
- Support & maintain an Accreditations and Expiration Dates Record on upcoming expiration of accreditations in addition to RMF-related tasks with an annual and six-month time horizon using RMF Work Management SharePoint tracking tool.
- Ensure cybersecurity inspections, tests, assessments, and reviews are synchronized and coordinated with all stakeholders.
- Assists in the implementation, management, and administration of the organization’s structure and workflow within eMASS.
- Conduct reviews of cybersecurity information papers and plans with CYBERCOM, ARCYBER, Air National Guard Cyber, National Security Agency (NSA), Federal Bureau of Investigations (FBI), Department of Justice (DOJ), and Department of Homeland Security (DHS).
- Assists in the enforcement of the DoD Cyberspace Workforce Framework (DCWF) and cybersecurity certification program to ensure training and certification requirements are enforced, managed, and reported.
- Assists ARNG with the implementation of a documented and streamlined process for reviewing, processing, and approving systems access requests to eMASS in support of the RMF.
- Assists in examining the security architecture and vulnerabilities of systems in cooperation with system owners and administrators through security scans, examinations of system configurations, reviews of system design documentation, and interviews.
- Support the identification, dissemination and delivery of approved policy and process documentation in support of system(s) authorization efforts through DoD, Army and NIST guidance.
WHAT YOU’LL NEED:
Education/Equivalent Training Required:
- Bachelor’s degree in cybersecurity, information assurance, computer science or a related technical discipline, or the equivalent combination of education, technical certifications or training, or work experience.
Required Experience:
- 4+ years of overall demonstrated experience in cybersecurity, information assurance or computer science (RMF 0-6 step experience a must).
Required Technical Skills Requirements:
- Excellent problem solving, analytical, and decision-making capabilities, including understanding user requirements, troubleshooting technical issues, successfully resolving issues and challenges, and developing creative solutions for process improvement.
- Dependability, in that the individual is consistently at work and on time, follows instructions, responds to management direction, and solicits feedback to improve.
- Must have customer service experience as this position will require candidate to engage with senior military and government leadership.
- Must be able to present your ideas clearly through briefings, meetings and interaction with leadership of different skill sets.
- Must be able to provide training sessions as required.
- Must be able to engage with stakeholders to ensure tasks are progressing and meeting timelines.
- Excellent communication skills
- Excellent documentation skills
- Strong organizational and collaborative skills
- Strong teamwork and engagement as a project team member.
- Ability to assimilate information rapidly, motivated to self-study new requirements.
- Maintain current industry knowledge of relevant concepts, practices, and procedures.
- Ability to work under time constraints.
- Adapt to changes in requirements and new projects.
- Maintain and upgrade certifications.
- Other duties may be assigned, directed, or requested.
Certification Requirements:
- Must meet DoD 8570 compliance IAM-I certification (i.e., Security+ CE). Must be current, and a copy must be included with resume.
- Will need to obtain an additional certification within one year to include one of the following CGRC, CISM, CISSP (or Associate).
Security Clearance Level Requirements:
- Must have a minimum of an active Secret clearance at time of interview and candidate must maintain active clearance.
Location:
- Falls Church, Virginia
- Hours and days TBD upon hire. May require occasional shift in work schedule to cover tasking.
- Requires on-site support for first 3 months and if performance is good, telework can be considered part time, but no more than 2 day a week. Could change to full time on site on direction by the government.
Travel:
- Up to 10%. Travel may include attending conferences up to two times annually and site visits to the 54 up to eight times annually.
GDIT IS YOUR PLACE:
- 401K with company match
- Comprehensive health and wellness packages
- Internal mobility team dedicated to helping you own your career
- Professional growth opportunities including paid education and certifications
- Cutting-edge technology you can learn from
- Rest and recharge with paid vacation and holidays
The likely salary range for this position is $119,000 - $161,000. This is not, however, a guarantee of compensation or salary. Rather, salary will be set based on experience, geographic location and possibly contractual requirements and could fall outside of this range.
Scheduled Weekly Hours:
40
Travel Required:
Less than 10%
Telecommuting Options:
Hybrid
Work Location:
USA VA Falls Church
Additional Work Locations:
Total Rewards At GDIT:
Our benefits package for all US-based employees includes a variety of medical plan options, some with Health Savings Accounts, dental plan options, a vision plan, and a 401(k) plan offering the ability to contribute both pre and post-tax dollars up to the IRS annual limits and receive a company match. To encourage work/life balance, GDIT offers employees full flex work weeks where possible and a variety of paid time off plans, including vacation, sick and personal time, holidays, paid parental, military, bereavement and jury duty leave. To ensure our employees are able to protect their income, other offerings such as short and long-term disability benefits, life, accidental death and dismemberment, personal accident, critical illness and business travel and accident insurance are provided or available. We regularly review our Total Rewards package to ensure our offerings are competitive and reflect what our employees have told us they value most.
We are GDIT. A global technology and professional services company that delivers consulting, technology and mission services to every major agency across the U.S. government, defense and intelligence community. Our 30,000 experts extract the power of technology to create immediate value and deliver solutions at the edge of innovation. We operate across 30 countries worldwide, offering leading capabilities in digital modernization, AI/ML, Cloud, Cyber and application development. Together with our clients, we strive to create a safer, smarter world by harnessing the power of deep expertise and advanced technology.
We connect people with the most impactful client missions, creating an unparalleled work experience that allows them to see their impact every day. We create opportunities for our people to lead and learn simultaneously. From securing our nation’s most sensitive systems, to enabling digital transformation and cloud adoption, our people are the ones who make change real.
GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.