CSfC Information Systems Security Technical Auditor
General Dynamics Information Technology
**Req ID:** RQ212190
**Type of Requisition:** Expatriate
**Clearance Level Must Be Able to Obtain:** Top Secret
**Public Trust/Other Required:** None
**Job Family:** Cyber and IT Risk Management
**Skills:**
Cross Domain Solutions, Information System Security, Risk Management Framework, Technical Auditing
**Certifications:**
Certified Information Systems Security Professional (CISSP) | International Information System Security Certification Consortium (ISC2)
**Experience:**
6+ years of related experience
**US Citizenship Required:**
Yes
**Job Description:**
**Position Overview**
The Commercial Solutions for Classified (CSfC) Information Systems Security Specialist is responsible for the **assessment, review, and lifecycle security oversight** of multi-vendor CSfC architectures in accordance with NSA policies and Capability Packages (CPs). This role ensures classified information is protected through layered commercial technologies and supports the maintenance of NSA CSfC Registration, Cross Domain Solution Element (CDS-E) Assessment and Authorization (A&A) approvals, and Authority to Operate (ATO) packages.
This position is **assessment-focused** and does not perform day-to-day system engineering or operational administration. The role evaluates the **implementation and effectiveness of security controls and supporting evidence** to support risk-based authorization decisions.
The security specialist works closely with system architects, program managers, ISSOs, ISSEs, and accreditation authorities to ensure solutions meet technical, operational, and security requirements throughout the system lifecycle. A strong technical background is recommended to effectively perform security assessment responsibilities.
**Key Responsibilities**
**Systems Security Assessment**
+ Conduct **technical security assessments** as part of the RMF lifecycle, with emphasis on control implementation and effectiveness.
+ Review CSfC solution architectures, enclave boundaries, and data flows to support assessment activities and risk determinations.
+ Identify, prioritize, and track vulnerability scan findings **from an assessment and reporting perspective**.
+ Review Security Technical Implementation Guides (STIGs) **for compliance and assessment purposes**.
+ Review Security Information and Event Management (SIEM) solutions to validate appropriate logging, alerting, and monitoring capabilities.
**Documentation & Accreditation**
+ Develop, review, and maintain security documentation including:
    + eMASS authorization packages
    + NSA CSfC Registration packages
    + Cross-Domain Solution (CDS) Assessment & Authorization (A&A) packages
+ Document and track Plans of Action and Milestones (POA&M) findings.
**Compliance & Risk Management**
+ Assess system compliance with applicable policies and frameworks, including:
    + CSfC Capability Packages (Mobile Access and Multi-Site Connectivity)
    + NIST SP 800-53 Rev. 5 security controls
    + Air Force and USAFE-specific cybersecurity policies
+ Conduct security reviews for proposed product substitutions, upgrades, or configuration changes to assess security impact and risk.
**Security Leadership**
+ Provide technical assessment guidance to engineers, Authorizing Officials (or their designated representatives), and other stakeholders.
+ Interface with NSA CSfC, CDS-E, and AO personnel as required to support assessment and authorization activities.
**Required Qualifications**
+ Bachelor’s degree in Cybersecurity, Computer Science, Information Systems, Engineering, or a related technical discipline, or equivalent relevant experience.
+ **5–10+ years of experience** in cybersecurity engineering, security assessment, network security, or related technical roles supporting complex system environments.
+ Demonstrated experience **assessing and validating technical security controls**, including evaluation of system architectures, data flows, enclave boundaries, and boundary protections.
+ Strong technical foundation in enterprise networking and security, including:
    + Network engineering fundamentals (routing, switching, VLANs, segmentation)
    + Encryption technologies such as IPsec, VPNs, and PKI/certificates
    + Firewall and boundary protection concepts in high-assurance or classified environments
+ Hands-on experience supporting or assessing systems under the **NIST Risk Management Framework (RMF)**, including implementation of **NIST SP 800-53 Rev. 5** security controls.
+ Experience developing, reviewing, or supporting **Authorization and Accreditation (A&A)** artifacts, including SSPs, SAPs, SARs, POA&Ms, and/or **NSA CSfC registration packages**.
+ Working understanding of **NSA CSfC architectures**, including CSfC capability packages, approved components (e.g., firewalls, VPN gateways), and assessment expectations.
+ **Current CISSP certification is required.**
+ **CCNP-level networking certification** (CCNP Security preferred or CCNP Enterprise acceptable), or the ability to obtain within a defined timeframe.
+ **Operational experience with a SIEM / continuous monitoring platform**, including log ingestion, correlation, alert triage, and analysis in support of continuous monitoring or incident response activities. Experience with **IQ-Core Continuous Monitoring Manager (CMM)** or **Splunk** satisfies this requirement.
+ Must meet all applicable **DoD 8140 requirements** for assigned cybersecurity roles.
**Preferred Qualifications**
+ Experience aligned with **IAM Level II or IAT Level II** roles in DoD or Intelligence Community environments.
+ Prior experience supporting, assessing, or auditing **NSA-approved CSfC solutions** , including interaction with government assessors or registration authorities.
+ Familiarity with technologies commonly deployed in CSfC and classified environments, including:
    + Cisco routing, switching, and firewall platforms
    + Palo Alto Networks firewalls
    + Juniper routing platforms
    + Aruba networking solutions
+ Experience with **IQ-Core Continuous Monitoring Manager (CMM)** in operational or assessment roles.
+ Working knowledge of **Certificate Authority (CA) and PKI** solutions.
+ Familiarity with **Virtual Desktop Infrastructure (VDI)** architectures.
+ Experience using **Tenable Nessus (ACAS)** for vulnerability scanning and reporting.
+ Experience providing **technical risk input** to Authorizing Officials, Security Control Assessors, or CSfC review bodies.
**Security Clearance**
+ Active Secret clearance required; Top Secret / SCI preferred.
**Soft Skills**
+ Strong communication skills with both technical and non-technical audiences.
+ Ability to clearly document complex systems and assessment results.
+ Analytical thinker with strong problem-solving abilities.
+ Comfortable working in fast-paced, high-security environments.
**GDIT IS YOUR PLACE**
At GDIT, the mission is our purpose, and our people are at the center of everything we do.
● Growth: AI-powered career tool that identifies career steps and learning opportunities
● Support: An internal mobility team focused on helping you achieve your career goals
● Rewards: Comprehensive benefits and wellness packages, 401K with company match, and competitive pay and paid time off
● Community: Award-winning culture of innovation and a military-friendly workplace
**OWN YOUR OPPORTUNITY**
Explore a career in cyber at GDIT and you’ll find endless opportunities to grow alongside colleagues who share your focus on defending and protecting what matters.
The likely salary range for this position is $93,500 - $126,500. This is not, however, a guarantee of compensation or salary. Rather, salary will be set based on experience, geographic location and possibly contractual requirements and could fall outside of this range. Total compensation for international positions varies by tax, social security, and immigration statuses, as well as location. Generally, an international assignment may include allowances, premium uplifts, and/or relocation or transportation benefits, above base salary range noted.
Our benefits package for all US-based employees includes a variety of medical plan options, some with Health Savings Accounts, dental plan options, a vision plan, and a 401(k) plan offering the ability to contribute both pre and post-tax dollars up to the IRS annual limits and receive a company match. To encourage work/life balance, GDIT offers employees full flex work weeks where possible and a variety of paid time off plans, including vacation, sick and personal time, holidays, paid parental, military, bereavement and jury duty leave. To ensure our employees are able to protect their income, other offerings such as short and long-term disability benefits, life, accidental death and dismemberment, personal accident, critical illness and business travel and accident insurance are provided or available. We regularly review our Total Rewards package to ensure our offerings are competitive and reflect what our employees have told us they value most.
We are GDIT. A global technology and professional services company that delivers consulting, technology and mission services to every major agency across the U.S. government, defense and intelligence community. Our 30,000 experts extract the power of technology to create immediate value and deliver solutions at the edge of innovation. We operate across 50 countries worldwide, offering leading capabilities in digital modernization, AI/ML, Cloud, Cyber and application development. Together with our clients, we strive to create a safer, smarter world by harnessing the power of deep expertise and advanced technology.
Join our Talent Community to stay up to date on our career opportunities and events at https://gdit.com/tc.
Equal Opportunity Employer / Individuals with Disabilities / Protected Veterans