Security Engineer

Type of Requisition: Regular

Clearance Level Must Be Able to Obtain: None

Job Family: Information Security

We are GDIT. We support and secure some of the most complex government, defense, and intelligence projects across the country. At GDIT, cyber security is not just a singular part of our missionit connects every one of us because its embedded into every aspect of what we do.

GDIT is your place. You make it your own by bringing your ideas and unique perspective to our culture. By owning your opportunity at GDIT, you are helping us ensure today is safe and tomorrow is smarter. Our work depends on a Security Engineer joining our team to remotely support the Centers for Medicare and Medicaid Services activities.

At GDIT, people are our differentiator. As a Security Engineer supporting CMS, you will be trusted to maintain the safety and security of the organization's systems and network database to prevent unauthorized access and avoid data breaches. You will conduct regular maintenance of networks, create update reports, and resolve glitches and security threats. In this role, a typical day will include:

• Preparing, validating, and maintaining security documentation including, but not limited to: system security plan (SSP), risk assessment (RA), contingency plan (CP), privacy impact assessment (PIA), eAuthentication assessment, FIPS categorization
• Providing support for the security life cycle of major applications to the project teams and client stakeholders
• Collaborating with the project team to support security assessments and Certification and Accreditation C&A activities and audits
• Identifying and manageing POA&Ms through remediation as well as develop corrective action plans for each POA&M
• Providing direct support to a client ISSO
• Assisting with identifying and mitigating risks
• Conducting security impact assessments and advising managers and stakeholders of results.
• Providing advice and guidance on the implementation of network/system/software security in accordance with mandates through the application of DISA STIGs, NIST and other directives.
• Assisting software development team reduce security risks in database application development projects.

WHAT YOULL NEED:

• Bachelors degree and 5+ years of relevant experience
• Experience with AWS Security Services, such as: CloudWatch, CloudTrail, GuardDuty, or Inspector
• Hands-on experience with information security practices, networks, software, and hardware, computer programming, operating systems and computer desktop packages such as Microsoft Word, Excel, etc.
• Experience with NIST 800 series of Special Publications, disaster/contingency planning, risk assessment, and the NIST Risk Management Framework
• Working knowledge of system security intrusion detection, incident handling, configuration control, change management, auditing, Assessment and Authorization, information assurance principles (Confidentiality, Integrity, non-repudiation, availability, access control), and security testing
• Must be able to obtain Public Trust clearance
• Must have lived in the United States at least three (3) out of the last five (5) years

PREFERRED QUALIFICATIONS:

• US citizen or a Green Card holder
• At least one (1) security certification, such as CISSP and/or Security+ Experience with CMS Acceptable Risks and Safeguards and CMS Information System Security policies and procedures
• Strong analysis, oral and written communication, and change management skills
• Detail oriented, with strong follow-up skills to ensure completion of tasks (e.g., ability to track failed test cases and ensure that the technical resolution is completed and re-tested.
• Ability to work with all levels of program and client project team members and establish and maintain a strong customer-focused working relationship

WHAT GDIT CAN OFFER YOU:

• Full-flex work week
• 401K with company match
• Collaborative teams of highly motivated critical thinkers and innovators
• Ability to make a real impact on the world around you

Not sure this jobs the one for you? Check out our other openings at

COVID-19 Vaccination: GDIT does not have a vaccination mandate applicable to all employees. To protect the health and safety of its employees and to comply with customer requirements, however, GDIT may require employees in certain positions to be fully vaccinated against COVID-19. Vaccination requirements will depend on the status of the federal contractor mandate and customer site requirements.

We are GDIT. The people supporting some of the most complex government, defense, and intelligence projects across the country. We deliver. Bringing the expertise needed to understand and advance critical missions. We transform. Shifting the ways clients invest in, integrate, and innovate technology solutions. We ensure today is safe and tomorrow is smarter. We are there. On the ground, beside our clients, in the lab, and everywhere in between. Offering the technology transformations, strategy, and mission services needed to get the job done.

GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.