Type of Requisition:
Regular

Clearance Level Must Currently Possess:
Secret

Clearance Level Must Be Able to Obtain:
Secret

Public Trust/Other Required:
None

Job Family:
Cyber and IT Risk Management

Job Qualifications:

Skills:
DISA STIG, NIST Risk Management Framework, Operations Security
Certifications:
None
Experience:
3 + years of related experience
US Citizenship Required:
Yes

Job Description:

Help safeguard critical government systems by applying your hands-on ISSM/ISSO experience to security governance, risk evaluation, and compliance oversight. As an IT and Cyber Risk Auditor at GDIT, you will leverage your background managing RMF controls, system documentation, and continuous monitoring activities to deliver thorough, accurate, and mission-focused security assessments.

This role is ideal for cybersecurity professionals who have previously served as an ISSM or ISSO and are seeking to transition into a dedicated risk, audit, and compliance position where they can influence security posture across multiple systems and programs.

MEANINGFUL WORK AND PERSONAL IMPACT

As an IT and Cyber Risk Auditor, the work you do at GDIT will have a direct and measurable impact on our customer's mission. You'll help ensure the integrity, security, and compliance of their IT systems by identifying potential risks, validating critical controls, and supporting continuous improvement efforts. Your work will enhance operational resilience and enable the customer to execute their mission with confidence.
• Conduct security audits and RMF control assessments by applying your deep understanding gained through previous ISSO/ISSM responsibilities.
• Review, validate, and enhance security artifacts such as SSPs, POA&Ms, and continuous monitoring deliverables.
• Evaluate system security controls fore effectiveness, sufficiency, and alignment with NIST 800-53, DoD requirements, and organizational policies.
• Work with ISSOs/ISSMs and technical teams to interpret findings, recommend remediation actions, and ensure timely closure of vulnerabilities.
• Analyze system changes, configuration updates, and vulnerability outputs to determine authorization impacts and risk-level adjustments.
• Support ATO maintenance by tracking assessments, evidence, and documentation needed for successful RMF lifecycle execution.
• Ability to prepare and deliver clear, risk focused briefings to system owners and stakeholders regarding audit findings and compliance status.

WHAT YOU'LL NEED TO SUCCEED
Bring your cyber expertise and drive for innovation to GDIT. The IT and Cyber Risk Auditor must have:
• Education: Bachelors degree or 4+ years of additional work experience/training/education in lieu of a degree
• Experience: 3+ years of related experience as a prior ISSO/ISSM
• Certifications: IAT II (Security +, SSCP, CCNA Security)
• Technical skills: Strong understanding of NIST SP 800-53, DoD cybersecurity requirements, and control implementation/assessment practices. Familiarity with Windows/Linux environments, vulnerability tools, and security baselines.
• Security clearance: Must have an active Secret clearance in order to be considered
• US citizenship required
• Role requirements: Onsite, 5 days/week

The likely salary range for this position is $81,349 - $100,050. This is not, however, a guarantee of compensation or salary. Rather, salary will be set based on experience, geographic location and possibly contractual requirements and could fall outside of this range.

Scheduled Weekly Hours:
40

Travel Required:
Less than 10%

Telecommuting Options:
Onsite

Work Location:
USA VA Falls Church

Additional Work Locations:

Total Rewards at GDIT:
Our benefits package for all US-based employees includes a variety of medical plan options, some with Health Savings Accounts, dental plan options, a vision plan, and a 401(k) plan offering the ability to contribute both pre and post-tax dollars up to the IRS annual limits and receive a company match. To encourage work/life balance, GDIT offers employees full flex work weeks where possible and a variety of paid time off plans, including vacation, sick and personal time, holidays, paid parental, military, bereavement and jury duty leave. To ensure our employees are able to protect their income, other offerings such as short and long-term disability benefits, life, accidental death and dismemberment, personal accident, critical illness and business travel and accident insurance are provided or available. We regularly review our Total Rewards package to ensure our offerings are competitive and reflect what our employees have told us they value most.