REQ#: RQ212190Public Trust: None Requisition Type: Regular Your Impact

Own your opportunity to work with the largest government agency in the nation. Make an impact by advancing the Department of Defense’s mission to keep our country safe and secure.

Job DescriptionPosition Overview

The Commercial Solutions for Classified (CSfC) Information Systems Security Specialist is responsible for the assessment, review, and lifecycle security oversight of multi-vendor CSfC architectures in accordance with NSA policies and Capability Packages (CPs). This role ensures classified information is protected through layered commercial technologies and supports the maintenance of NSA CSfC Registration, Cross Domain Solution Element (CDS-E) Assessment and Authorization (A&A) approvals, and Authority to Operate (ATO) packages.

This position is assessment-focused and does not perform day-to-day system engineering or operational administration. The role evaluates the implementation and effectiveness of security controls and supporting evidence to support risk-based authorization decisions.

The security specialist works closely with system architects, program managers, ISSOs, ISSEs, and accreditation authorities to ensure solutions meet technical, operational, and security requirements throughout the system lifecycle. A strong technical background is recommended to effectively perform security assessment responsibilities.

Key ResponsibilitiesSystems Security AssessmentConduct technical security assessments as part of the RMF lifecycle, with emphasis on control implementation and effectiveness.Review CSfC solution architectures, enclave boundaries, and data flows to support assessment activities and risk determinations.Identify, prioritize, and track vulnerability scan findings from an assessment and reporting perspective.Review Security Technical Implementation Guides (STIGs) for compliance and assessment purposes.Review Security Information and Event Management (SIEM) solutions to validate appropriate logging, alerting, and monitoring capabilities.Documentation & AccreditationDevelop, review, and maintain security documentation including:eMASS authorization packagesNSA CSfC Registration packagesCross-Domain Solution (CDS) Assessment & Authorization (A&A) packagesDocument and track Plans of Actions and Milestones (POA&M) findings.Compliance & Risk ManagementAssess system compliance with applicable policies and frameworks, including:CSfC Capability Packages (Mobile Access and Multi-Site Connectivity)NIST SP 800-53 Rev. 5 security controlsAir Force and USAFE-specific cybersecurity policiesConduct security reviews for proposed product substitutions, upgrades, or configuration changes to assess security impact and risk.Security LeadershipProvide technical assessment guidance to engineers, Authorizing Officials (or their designated representatives), and other stakeholders.Interface with NSA CSfC, CDS-E, and AO personnel as required to support assessment and authorization activities.Required QualificationsBachelor’s degree in Cybersecurity, Computer Science, Information Systems, or related field, or equivalent experience.5–10+ years of experience in cybersecurity engineering, security assessment, or related roles.Demonstrated experience assessing technical security controls in complex system environments.Strong understanding of:Encryption technologies including IPsec, VPNs, and certificatesNetwork engineering fundamentals (routing, switching, VLANs)RMF lifecycle, NSA CSfC architecture, and CDS conceptsFamiliarity with CSfC-approved components such as firewalls, VPN gateways, and cross-domain solutions.Experience supporting NIST RMF and NIST SP 800-53 Rev. 5 implementations.Experience developing or supporting A&A documentation and/or NSA CSfC registration packages.Must meet applicable DoD 8140 requirements for cybersecurity roles.Preferred QualificationsExperience aligned with IAM Level II or IAT Level II roles.DoD 8570/8140 baseline certification (e.g., CISSP, CASP+, CCSP), or ability to obtain within a defined timeframe.Prior experience supporting or assessing NSA-approved CSfC solutions.Working understanding of technologies such as:Cisco routing, switching, and firewallsPalo Alto firewallsJuniper routingAruba networkingSIEM solutions (PacStar IQ Core preferred)Certificate Authority (CA) solutionsVirtual Desktop Infrastructure (VDI) architecturesTenable Nessus (ACAS)Security ClearanceActive Secret clearance required; Top Secret / SCI preferred.Soft SkillsStrong communication skills with both technical and non-technical audiences.Ability to clearly document complex systems and assessment results.Analytical thinker with strong problem-solving abilities.

Comfortable working in fast-paced, high-security environments

GDIT IS YOUR PLACE
At GDIT, the mission is our purpose, and our people are at the center of everything we do.
● Growth: AI-powered career tool that identifies career steps and learning opportunities
● Support: An internal mobility team focused on helping you achieve your career goals
● Rewards: Comprehensive benefits and wellness packages, 401K with company match, and competitive pay and paid time off

● Community: Award-winning culture of innovation and a military-friendly workplace

#DefenseOCONUS

OWN YOUR OPPORTUNITY
Explore a career in cyber at GDIT and you’ll find endless opportunities to grow alongside colleagues who share your focus on defending and protecting what matters.