Cyber Compliance Officer with Security Clearance - Falls Church, VA, United States - General Dynamics Information Technology

Description

REQ#:
RQ170843

Requisition Type:
Regular Your Impact Own your opportunity to work with the largest government agency in the nation
Make an impact by advancing the Department of Defense's mission to keep our country safe and secure
Job Description Position Description - Cyber Compliance Officer Program - Guard Enterprise Cyber Operations Support (GECOS) We are GDIT
We stay at the forefront of innovation to solve complex technical challenges
GDIT is your place
Make it your own by discovering new ways to apply the latest technologies securely and expertly
Own your opportunity at GDIT and you'll be a meaningful part of improving how agencies operate
Our work depends on a Cyber Compliance Officer joining our team to support Guard Enterprise Cyber Operations Support (GECOS) program in Falls Church, VA
At GDIT, we foster a people-centric environment
As a Cyber Compliance Officer, you will support compliance through performing security services in accordance with applicable DoD and Army cybersecurity guidance and regulations
This is an IT Service Management contract in support of the operation, modernization, expansion, and further evolution of the ARNG's global Information Technology (IT) services including networking, compute, storage, infrastructure, applications, hosting, and program management services
The GECOS program supports the ARNG enterprise IT infrastructure, its Wide Area Network (WAN), authentication and directory services, cybersecurity, application hosting, and associated services
GECOS uses ITIL best practices framework as the basis for IT Service Management (ITSM) model
To be successful in this position you need to be collaborative and willing to work within a team
While you will need to be a self-starter completing tasks on your own, working together is critical in this role
You will be interfacing with the client and senior staff
Therefore, you should be articulate in your communications because your opinion matters
You will need to explain technical intricacies in a way that is easily understood

The work includes the following:

• Providing RMF support to the 54 supported organizations (i.e., 50 states, three territories, and the District of Columbia) Installation Campus Area Networks (ICANs) and HQ Enterprise investments where applicable

This support includes eMASS system record reviews.

• Provide RMF SME support to the 54 in the form of customer training and briefs, managing multiple states simultaneously and briefing the Program Information System Security Manager (P-ISSM) on progress, hurdles, and roadblocks as they arise.
• Providing RMF Support to the 54 for Steps 0 - 3, 5 & 6:
• Step 0 - providing customer(s) with RMF SME Roles & Responsibilities training.
• Step - Providing customers with guidance on how to execute the categorization of their system / ICAN
• Step - Providing customers with guidance on how to choose the security control baseline for their system / ICAN
• Step - Providing customers guidance on how to conduct security control implementation and delegating technology areas in eMASS
• Step - Supporting submission of ATO package artifacts to the Authorizing Official for ATO / risk recommendations
• Step - Support customer in enabling strategies and following guidance to execute continuous monitoring (ConMon) responsibilities.
• Maintaining Supporting cybersecurity compliance requirement identification to follow regulatory guidance for IT investments of the 54 and the DoDIN-A(NG) and DoDIN-A(NG)-S networks and computing services.
• Ensure the 54 are adhering to all Department of Defense (DoD) enterprise security requirements to include those required by the Defense Information Systems Agency (DISA) and the Department of the Army (DA); prepping for and passing Command Cyber Readiness Inspections (CCRIs), obtaining and maintaining Authority to Connect (ATC) and Authority to Operate (ATO) from the Designated Approving Authority (DAA); ensuring compliance with all Secure Technical Implementation Guides (STIGS) and required information assurance (IA) controls.
• Ensuring that the 54 comply with Army directives and mandates and are in keeping with the future Joint Information Environment (JIE) architecture

The Cyber Compliance Officer will:

• Measures ARNG compliance with cybersecurity requirements and recommends cybersecurity program operational execution activities, processes, and practices.
• Assists the Government with ensuring the secure configuration and preparation for approval of IT below the system level in the form of Software Assurance across the 54 and in coordination with the RCC-NG in accordance with applicable guidance prior to acceptance into, or connection to, an Army IS and the DoDIN-A(NG).
• Support & maintain an Accreditations and Expiration Dates Record on upcoming expiration of accreditations in addition to RMF-related tasks with an annual and six-month time horizon using RMF Work Management SharePoint tracking tool.
• Ensure cybersecurity inspections, tests, assessments, and reviews are synchronized and coordinated with all stakeholders.
• Assists in the implementation, management, and administration of the organization's structure and workflow within eMASS.
• Conduct reviews of cybersecurity information papers and plans with CYBERCOM, ARCYBER, Air National Guard Cyber, National Security Agency (NSA), Federal Bureau of Investigations (FBI), Department of Justice (DOJ), and Department of Homeland Security (DHS).
• Assists in the enforcement of the DoD Cyberspace Workforce Framework (DCWF) and cybersecurity certification program to ensure training and certification requirements are enforced, managed, and reported.
• Assists ARNG with the implementation of a documented and streamlined process for reviewing, processing, and approving systems access requests to eMASS in support of the RMF.
• Assists in examining the security architecture and vulnerabilities of systems in cooperation with system owners and administrators through security scans, examinations of system configurations, reviews of system design documentation, and interviews.
• Support the identification, dissemination and delivery of approved policy and process documentation in support of system(s) authorization efforts through DoD, Army and NIST guidance

WHAT YOU'


LL NEED:

Education/Equivalent Training Required:

• Bachelor's degree in cybersecurity, information assurance, computer science or a related technical discipline, or the equivalent combination of education, technical certifications or training, or work experience

Required Experience:

• 4-6 years of overall demonstrated experience in cybersecurity, information assurance or computer science (RMF 0-6 step experience a must)

Required Technical Skills Requirements:

• Excellent problem solving, analytical, and decision-making capabilities, including understanding user requirements, troubleshooting technical issues, successfully resolving issues and challenges, and developing creative solutions for process improvement.
• Dependability, in that the individual is consistently at work and on time, follows instructions, responds to management direction, and solicits feedback to improve.
• Must have customer service experience as this position will require candidate to engage with senior military and government leadership.
• Must be able to present your ideas clearly through briefings, meetings and interaction with leadership of different skill sets.
• Must be able to provide training sessions as required.
• Must be able to engage with stakeholders to ensure tasks are progressing and meeting timelines.
• Excellent communication skills
• Excellent documentation skills
• Strong organizational and collaborative skills
• Strong teamwork and engagement as a project team member.
• Ability to assimilate information rapidly, motivated to self-study new requirements.
• Maintain current industry knowledge of relevant concepts, practices, and procedures.
• Ability to work under time constraints.
• Adapt to changes in requirements and new projects.
• Maintain and upgrade certifications.
• Other duties may be assigned, directed, or requested

Certification Requirements:

• Must meet DoD 8570 compliance IAM-I certification (i.e., Security+ CE)

Must be current, and a copy must be included with resume.

• Will need to obtain an additional certification within one year to include one of the following CGRC, CISM, CISSP (or Associate)

Security Clearance Level Requirements:

• Must have a minimum of an active Secret clearance at time of interview and candidate must maintain active clearance

Location:

• Falls Church, Virginia
• Hours and onsite/remote days TBD upon hire

May require occasional shift in work schedule to cover tasking.

• Requires on-site support for first 3 months and if performance is good, telework can be considered part time, but no more than 2 day a week

Could change to full time on site on direction by the government

Travel:

• Up to 10%

Travel may include attending conferences up to two times annually and site visits to the 54 up to eight times annually

GDIT IS YOUR PLACE:

• 401K with company match
• Comprehensive health and wellness packages
• Internal mobility team dedicated to helping you own your career
• Professional growth opportunities including paid education and certifications
• Cutting-edge technology you can learn from
• Rest and recharge with paid vacation and holidays #GECOS #GDITArmy Work Requirements

cls-1{fill:

none;stroke:
#5b6670;stroke-miterlimit:10;stroke-width:2px} Years of Experience 5 + years of related experience

• may vary based on technical training, certification(s), or degree

cls-2{fill:

none;stroke:
#5b6670;stroke-miterlimit:10;stroke-width:2px} Certification CGRC Governance, Risk and Compliance Certification - ISC2


CISSP:
Certified Information Systems Security Professional - ISC2 CompTIA - Security+ - CompTIA Travel Required Less than 10%

cls-3{fill:

none;stroke:
#5d666f;stroke-miterlimit:10}