• Performs Information System Security Officer (ISSO) duties in support of in-house and external customers;
• Performs assessment of systems and networks within the system and networking environment and identifies where those systems and networks deviate from acceptable configurations, enclave policy or local policy.  This is achieved by conducting and maintaining evaluations such as compliance audits using STIG Viewer, SCAP, and ACAS (vulnerability assessments);
• Ensures and continuously evaluates compliance with RMF controls by creating and assessing RMF artifacts, identifying where those artifacts deviate RMF control requirements, and establishes compelling evidence within the accreditation package;
• Establishes strict program control processes to ensure mitigation of risks and supports obtaining assessment and authorization of systems.  Includes support of process, analysis, coordination, control certification test, compliance documentation, as well as investigations, software research, hardware introduction and release, emerging technology research, inspections, and periodic audits;
• Assists in the implementation of the required government policy (i.e., NIST, DoD), making recommendations on process tailoring, participating in and documenting process activities;
• Performs analyses to validate established cybersecurity controls and requirements and recommends cybersecurity safeguards;
• Supports program test milestones through pre-test preparations, participating in the tests, analysis of the results, and preparation of required artifacts supporting authorization;
• Prepares artifacts such as Change Management Policy, Incident Response, Identification and Authentication Plan, Network Diagrams, Hardware and Software listings, Ports, Protocols, and Services Management documentation, supporting Assessment and Authorization activities and maintains the Plan of Actions and Milestones (POA&M);
• Periodically conducts a complete review of each program, supports operational system's audits, and monitors corrective actions until all actions are closed;
• Coordinates across the program to address identified deficiencies during RMF assessment activities;
• Maintains operational and security aspects of various cross domain solutions;
• Supports external accreditations either hosted or leveraging services, systems, and/or data within the accreditation boundaries;
• Receives, investigates and reports on all orders (DTO, CTO, OPORD) disseminated by DISA, Cybercom, and the DoD.

• Bachelor's degree in a technical field and two (2) years of relevant, applicable experience; OR Master's degree in a technical field with zero (0) years of relevant, applicable experience; OR six (6) years of relevant experience in lieu of degree;
• DoD-issued Secret Security Clearance is required at start;
• Required to have and maintain current IAT Level II certification (Security+, GSEC, or SSCP or CCNA-Security) in accordance with DoD 8570.01-M Information Assurance Workforce Improvement Program guidelines at start;
• Security engineering skills with a working knowledge of cybersecurity technology and DoD/Federal cybersecurity policy (i.e., DoDI 8500.01, NIST SP 800-53. etc.) is required;
• Thorough understanding and utilization of Enterprise Mission Assurance Support Service (eMASS) is required;
• Familiarity in the Risk Management Framework (RMF) Cybersecurity Lifecycle is required;
• Experience with Splunk is preferred;
• Experience with Host Based Security System (HBSS) is preferred;
• Experience with ACAS (Tenable Nessus Scanners and Security Center) is preferred;
• Experience with Jira is preferred;
• Experience with Windows, Linux, and Networking devices is preferred;
• Product Owner and Scrum Master (Agile) training or experience is preferred.

Established in 1995, Global Business Solutions, Inc. offers customers a distinctive blend of information technology capabilities, education and training services, and information assurance solutions. Managed by a team of executive leaders experienced in the field of information technology and training services within the industry and government, GBSI prides itself on exceeding expectations. Our award-winning solutions give clients the support tools needed to successfully deliver in evolving environments with confidence.

GBSI is dedicated to hiring and retaining a diverse workforce. GBSI is an Equal Opportunity/Affirmative Action-Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. For our complete EEO/AA statement, please visit http://www.gbsi.com/EEO.  U.S. Citizenship is required for most positions.

Pay Transparency Nondiscrimination Provision:

GBSI will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with GBSI’s legal duty to furnish information.

Drug Free Workplace:
We maintain a drug-free workplace and perform pre-employment substance abuse testing.