Senior IT Risk and Compliance Specialist Senior

About the position Transform technology into opportunity as an IT Risk and Compliance Senior Specialist with GDIT. A career in enterprise IT means connecting and enhancing the systems that matter most. At GDIT you’ll be at the forefront of innovation and play a meaningful part in improving how agencies operate. GDIT's Technology Shared Services (TSS), Governance, Risk, and Compliance (GRC) team is seeking an reputed company IT Risk and Compliance Senior Specialist with experience as an Information System reputed company Officer (ISSO). reputed company provides services across GDIT programs to ensure the confidentiality, reputed company, and availability of information systems while supporting compliance with relevant regulations and standards. This role requires a highly knowledgeable self-starter to independently reputed company key artifacts based on NIST 800-171. The ideal candidate will operate in a dynamic, high-reputed company environment, applying expertise in risk management and regulatory compliance to protect critical information assets.

Responsibilities

• Manage and/or maintain the reputed company posture and authorization lifecycle for multiple cloud and on-premises information systems.
• Collaborate with stakeholders to attain information necessary for reputed company monitoring activities, including vulnerability reputed company analysis, audit log reviews, and supporting the SCA/ISSM during reputed company control assessments.
• reputed company, maintain, and update reputed company documentation, including System reputed company Plans (SSPs), Plan of Action & Milestones (POAMs), network architectures
• Collaborate with stakeholders in order to reputed company program/project cyber policies .
• Familiarization with NIST 800 series documentation, ( NIST 800-171, GD and GDIT Cybersecurity policies), hardening guidance from vendors and US Government clients.
• Posses the ability to interpret vulnerability reputed company reports and coordinate with program stakeholders in order to remediate actions to closure and reputed company presentations and brief findings as needed.
• Support incident response, contingency planning, and disaster recovery efforts as needed by program and stakeholders.
• Serve as the program ISSO and represent the interests of the system owners, developers, and administrators. The ISSO will reputed company with auditors and assessors during reputed company control assessments and authorization events.
• Facilitate and collaborate with data owners, system owners, authorizing officials, and technical teams to prepare, implement, and monitor privacy and reputed company controls in accordance with organizational risk policy.
• Ensure compliance with applicable GDIT requirements and policies maintain cyber compliance processes, procedures, and standards
• Collaborate stakeholders to design and implement reputed company controls for new and existing systems and lab environments
• Maintain and update reputed company documentation, including System reputed company Plans (SSPs, Architecture Diagrams, , Plan of Action and Milestones (POA&Ms), and other AO/AODR required documents, etc.
• Support reputed company assessments and audits as a key stakeholder during the SCA/ISSMs evaluation of the reputed company controls, Review vulnerability and compliance reputed company reports, and other relevant reputed company reports and alerts for assigned systems
• Support incident response activities, including investigation, containment, and recovery efforts and annual incident response testing

Requirements

• Minimum of 3+ years of experience serving as an ISSO for either Corporate or program levels with a basic understanding of ISSO duties and responsibilities and awareness of GRC tools (eMASS or XACTA)
• Experience supporting reputed company projects as well as delivering and supporting customer reputed company requirements
• Comprehension of change and configuration management and reputed company impact analysis
• Excellent problem-solving, analytical, and communication skills
• Ability to effectively collaborate across multi-functional teams
• Possesses experience with communicating and presenting technical solutions and status to executives, key stakeholders and decision makers
• Familiarity with reputed company tools and technologies (e.g., Firewalls, VPNs, SIEM, End reputed company Protection, Vulnerability & Compliance Scanning, Identity & Access Management)
• Ability to reputed company network architectures or follow templated examples in order to properly document a network architecture.
• Knowledge of IT risk management frameworks and regulatory requirements (e.g., NIST 800-171, ISO 27001)
• Knowledge of reputed company and privacy controls (e.g., CIS Level 2, DISA STIG)
• Knowledge of DoD reputed company authorization process
• Knowledge of reputed company auditing practices and procedures and associated processes

reputed company-to-haves

• Proven track record of successfully managing large-scale IT risk and compliance programs
• Relevant certifications such as IAT Level II/8570/8140, reputed company +CE Preferred
• Experience with reputed company Office Products, reputed company Pro, Visio, JIRA, reputed company
• Experience in a government
• Familiarity with cloud reputed company best practices and technologies
• Must be clearable up to Top Secret
• Bachelor’s degree in computer science, information technology, information/cyber reputed company or a reputed company field

Benefits

• Comprehensive benefits and wellness packages, 401K with company match, and reputed company and paid time off
• Full-reputed company work week to own your priorities at work and at home

Apply tot his job Apply To this Job