Information Systems Security Manager / Officer (ISSM / ISSO)

Information Systems Security Manager / Officer (ISSM / ISSO)

Transform technology into opportunity as an Information Security Analyst Advisor with GDIT. A career in enterprise IT means connecting and enhancing the systems that matter most. At GDIT, you’ll be at the forefront of innovation, playing a meaningful role in improving how agencies operate.

At GDIT, people are our differentiator. As an Information Security Analyst Advisor, you will help ensure today is secure and tomorrow is smarter. Our mission depends on a dedicated professional who can perform the procedures necessary to safeguard information system assets and protect them from intentional or inadvertent access or destruction. You'll monitor, evaluate, and maintain the systems and procedures that protect internal information systems, networks, databases, and web-based environments.

Are you a cybersecurity professional with a strong foundation in risk management and security compliance? GDIT is seeking a skilled candidate with ISSO or ISSM experience to support the cybersecurity posture of mission-critical systems. In this hybrid role, you will manage cybersecurity policies, assess risk, and ensure compliance with frameworks such as NIST 800-53 and the Risk Management Framework (RMF). Whether you’re looking to advance your career or take on greater responsibilities, this is an opportunity to contribute to a high-impact program in a collaborative, mission-driven environment.

HOW AN INFORMATION SECURITY ANALYST ADVISOR WILL MAKE AN IMPACT

• Manage the secure development and authorization of new USAFE-AFAFRICA systems, from inception to full operational capability, leveraging NIST security frameworks.
  
• Serve as the primary cybersecurity point of contact for USAFE-AFAFRICA systems, ensuring compliance with security policies, procedures, and regulations while providing timely updates on threats, risks, and authorization status to stakeholders.
  
• Perform all necessary procedures to protect information system assets, including overseeing the accreditation and certification of USAFE-AFAFRICA systems in accordance with DoD, Intelligence Community, and agency-specific requirements.
  
• Prepare and submit System Security Plans (SSPs), Plans of Action and Milestones (POA&Ms), and risk assessment documentation; collaborate with Authorizing Officials (AOs) to achieve and maintain Authorization to Operate (ATO) status.
  
• Conduct regular reviews of DISA STIGs, analyze ACAS vulnerability scans, and provide remediation feedback to maintain compliance and support continuous monitoring under RMF.
  
• Develop and recommend policies and procedures to ensure information system reliability, availability, and security; perform security evaluations, audits, and reviews to identify vulnerabilities and mitigate risks.
  
• Create and maintain RMF control family documentation and ensure adherence to established procedures.
  
• Recommend and implement training programs to educate users on cybersecurity policies and procedures; participate in network and system design to ensure appropriate security controls are integrated from the start.
  
• Ensure the rigorous application of information security policies, principles, and practices across all IT services. Perform ISSM duties as defined in AFMAN 17-101 and DoDI 8510.01 for assigned systems and applications.
  
• Stay current with applicable DoD and NIST RMF publications, including NIST 800-53, 800-60, 800-37, and DoDI 8540.01.

• A minimum of 8 years of overall experience, with at least 4 years of specialized experience in:
  
  • Defining computer security requirements for high-level applications
    
  • Evaluating approved security product capabilities
    
  • Identifying and resolving computer security issues
    
• Extensive experience with the Risk Management Framework (RMF) and hands-on use of eMASS
  
• Proven ability to review and analyze Assured Compliance Assessment Solution (ACAS) vulnerability scan results, validate findings, and support remediation efforts
  
• Proficiency with Security Technical Implementation Guides (STIGs) and associated automation tools such as:
  
  • SCAP
    
  • STIG Viewer
    
  • eMASSter
    
• Strong technical foundation with familiarity in:
  
  • Virtualization technologies
    
  • Basic networking concepts
    
  • Cloud architecture and implementation
    
  • Industry cybersecurity best practices
    
• Expert-level knowledge of cybersecurity principles, tools, and practices
  
• In-depth understanding of Federal and DoD cybersecurity regulations and policies
  

Location: On Customer Site

US Citizenship Required

DoDD 8570.01M Information Assurance Manager level III baseline certification required.

TESA eligibility/certification required.

Clearance: Top Secret

#DefenseOCONUS

GDIT IS YOUR PLACE:

● 401K with company match
● Comprehensive health and wellness packages
�� Internal mobility team dedicated to helping you own your career
● Professional growth opportunities including paid education and certifications
● Cutting-edge technology you can learn from
● Rest and recharge with paid vacation and holidays