Cyber Security Manager (Active Secret Clearance)

Type of Requisition: RegularClearance Level Must Be Able to Obtain: Top SecretJob Family: Cyber SecurityJob Description Summary:General Dynamics Information Technology (GDIT) is seeking a Cybersecurity Engineering Manager who is innovative, dedicated, and highly motivated in order to solve challenging problems for our client, the Division of Federal Systems (DFS) for the Office of Child Support Enforcement (OCSE). In this role, you will lead a team of four cybersecurity engineers, responsible to ensure that federal systems meet Federal Information Security Management Act (FISMA), OS and HHS/ACF security requirements and to coordinate with the ACF Information Technology Security Unit (ITSU) on security related issues.This team provides program support to DFS OCSE to manage and monitor the development, implementation, operation, maintenance, technical support, and enhancement of the division’s systems and services. Federal Parent Locator Service (FPLS) information is, by statute, made available to child support agencies and a limited number of federal and state agencies. These secure systems and services help child support agencies, employers, insurers, and financial institutions exchange information about child support cases; locate parents; establish paternity, custody and visitation; collect support; and identify fraud.The ideal candidate enjoys managing a team and will find satisfying the challenges and opportunities provided by a fast-paced, customer-oriented environment. If you want to work with a dynamic group of dedicated, technical professionals on a collaborative team that supports a life-saving mission of global importance, we encourage you to apply.This position is for full time employment and will be based at our client's office in Washington, DC . During COVID-19, this will be a telecommuting role until otherwise determined.Responsibilities:

Serve as advisor to the design and development teams to ensure compliance with Federal mandates, OMB and NIST guidelines, and FPLS security requirements.

Serve as advisor to the design and development teams on security issues, and assist as needed in the development of security documentation for Security Authorization.

Serve as a Subject Matter Expert (SME) on application and network security topics as well as emerging security technologies.

Participate in routine and on-demand system and application vulnerability scanning, document findings and recommendations, and present analysis of results to stakeholders.

Participate in the continuous monitoring of FPLS systems and applications in support of the security authorization process through system development life cycle, risk assessments, vulnerability testing, inventory and configuration audits, technical and physical assessments, and development of security documentation.

Develop and maintain security policies, procedures and required documentation for security compliance with Federal mandates, OMB and NIST guidelines, and HHS/ACF requirements.

Support the Security Team in responding to external audits conducted by the HHS Inspector General (IG), Internal Revenue Service (IRS) and other Federal agencies as required.

Populate FPLS Security items in the HHS Risk Management Framework Portal (RMFP) tool including the Federal Information Security Management Act (FISMA) reviews and Plans of Action and Milestones (POA&M) as a result of audit findings.

Participate in the conduct of security site assessments on data matching partner sites and FPLS contractor sites.

Assists in the gathering, analysis, and preservation of evidence used in the prosecution of computer crimes.

Participates in network and systems design to ensure implementation of appropriate systems security policies.

Ensures the rigorous application of information security/information assurance policies, principles, and practices in the delivery of all IT services.

Develops and implements programs to ensure that systems, network, and data users are aware of, understand, and adhere to systems security policies and procedures.

Promotes awareness of security issues among management and ensures sound security principles are reflected in organizations’ visions and goals.

Conducts research pertaining to the latest viruses, worms, etc. and the latest technological advances in combating unauthorized access to information.

Develops policies and procedures to ensure information systems reliability and accessibility and to prevent and defend against unauthorized access to systems, networks, and data.

Supports Information Assurance asset deployments, upgrades, and maintenance including servers, databases, network assets, and wireless LANsecurity.

Recommends technological and architectural upgrades/modifications to client's Information Systems Security architecture.

REQUIRED:

Bachelors Degree and at least 5+ years of: professional work experience in a Cybersecurity role, people management experience, AND web and portal development experience

Exceptional written and communication skills; writing sample will be requested

Demonstrated experience and understanding of Information Assurance in the following specialties: Internet and Intranet Applications and Authentication; and Physical, Personnel, Network, Computer, Information, Operational, Administrative, and Communications Security

Must be in commuting distance to Washington, DC

DESIRED:

BS or MS in Cybersecurity, Information Technology or Engineering

Experience with handling multiple tasks simultaneously, and the ability to work independently in a high stress environment with an orientation towards customer service

Security or IT certifications (e.g. CISSP, CISA, MCSE, C|EH, etc.) related to the security of web and portal developments.

Knowledge of FedRAMP and cloud computing

Knowledge of Network infrastructure and ability to analyze network diagrams

Knowledge of web application vulnerability scanning tools such as IBM AppScan

Knowledge of the Child Support Enforcement program and system operations

Experience in handling sensitive data sources and distribution of data containing personally identifiable information

Experience using Microsoft Word and other COTS products (e.g., PowerPoint)

nullWe are GDIT. The people supporting some of the most complex government, defense, and intelligence projects across the country. We deliver. Bringing the expertise needed to understand and advance critical missions. We transform. Shifting the ways clients invest in, integrate, and innovate technology solutions. We ensure today is safe and tomorrow is smarter. We are there. On the ground, beside our clients, in the lab, and everywhere in between. Offering the technology transformations, strategy, and mission services needed to get the job done.GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.