Job Description

Public Trust: None

Requisition Type: Regular

Your Impact

Own your opportunity to be at the center of GDIT’s business operations. Make an impact by collaborating across functions to make mission success achievable.

Job Description

We are seeking a highly experienced Senior Cyber Security Engineer to lead and enhance our organization's security posture. The ideal candidate will have 10 years of experience in cyber security, including 5+ years of hands-on experience in cloud security across platforms such as Azure, AWS, and/or Oracle Cloud. This role requires a deep thorough understanding of the NIST Risk Management Framework (RMF), Cybersecurity Maturity Model Certification (CMMC), and related security requirements. The Senior Cyber Security Engineer will play a key role in reviewing and analyzing security measures to protect our systems and data from cyber threats.

Key Responsibilities:

• Review and make recommendations for security controls across cloud and on-premises environments.
• Ensure compliance with NIST RMF, CMMC, and other regulatory security requirements.
• Develop and enforce security policies, standards, and best practices for cloud infrastructure and applications.
• Conduct risk assessments and security audits to identify and mitigate security risks.
• Collaborate with program teams to review security measures and make recommendations for improvement.
• Assist in the monitoring and response to security incidents, threats, and vulnerabilities, ensuring timely resolution and documentation.
• Support continuous monitoring efforts to ensure the security posture of multiple IT systems, operating multiple technologies, across multiple environments.
• Evaluate and recommend new security tools and technologies to strengthen cybersecurity defenses.
• Stay updated on emerging cybersecurity threats, industry trends, and best practices.

Required Qualifications:

• 5+ years of experience in cybersecurity, including security architecture, threat analysis, and risk management.
• 5+ years of cloud security experience, with expertise in Azure, AWS, and/or Oracle Cloud.
• Strong knowledge of NIST RMF, CMMC, FedRAMP, and other compliance frameworks.
• Proficiency with NIST special publications, 800 series (i.e. sp800-37, sp800-53, sp800-171)
• Hands-on experience with security tools such as SIEM, IDS/IPS, vulnerability scanners, and Endpoint Detection and Response (EDR).
• Proficiency in cloud security configurations, IAM, CIS Benchmarks or STIGs, log management, encryption, and network security.
• Experience conducting risk assessments, security audits, and incident response.
• Familiarity with Zero Trust Architecture and modern cybersecurity best practices.
• Familiarity with web applications security
• Familiarity with penetration testing and common OWASP top 10 vulnerabilities
• Strong analytical and problem-solving skills.
• Attention to detail with regard to assessment review and reporting
• Excellent communication skills, both written and verbal, with the ability to convey complex security concepts to technical and non-technical stakeholders

Preferred Qualifications:

• Relevant certifications such as CISSP, CISM, CCSP, CEH, or AWS/Azure Security Certifications.
• Experience with container security (Kubernetes, Docker) and DevSecOps practices.
• Knowledge of scripting and automation using Python, PowerShell, or other relevant languages.

Location:

• On-Site (Hybrid)

Security Clearance:

• No Clearance required
• US Person required

GDIT IS YOUR PLACE:
● 401K with company match
● Comprehensive health and wellness packages
● Internal mobility team dedicated to helping you own your career
● Professional growth opportunities including paid education and certifications
● Cutting-edge technology you can learn from
● Rest and recharge with paid vacation and holidays

Work Requirements

Years of Experience

10 + years of related experience

* may vary based on technical training, certification(s), or degree

Certification

CISSP - ISC2

Travel Required

Less than 10%

Job Tags

Similar Jobs