Type of Requisition:

Pipeline

Clearance Level Must Currently Possess:

Top Secret/SCI

Clearance Level Must Be Able to Obtain:

Top Secret/SCI

Public Trust/Other Required:

None

Job Family:

Cyber and IT Risk Management

Job Qualifications:

Skills:

Assessment & Authorization (A&A), Cybersecurity Assessment, Enterprise Mission Assurance Support Service (eMASS), RMF

Certifications:

CompTIA Security+ CE | CompTIA - CompTIA

Experience:

5 + years of related experience

US Citizenship Required:

Yes

Job Description:

TheNaval Criminal Investigative Service (NCIS)is an organization of over 2,200 personnel of which 700 serve at HQ and the remaining staff serve at offices worldwide. NCIS is the Department of Navy (DON) component with primary responsibility for criminal investigation, law enforcement (LE),counter-terrorism(CT), counterintelligence (CI), and cyber matters. NCIS not only has primary responsibility for all criminal investigative, CI, CT, and cyber matters within the DON, but it also has exclusive investigative jurisdiction in non-combat matters involving actual, potential, or suspected criminal, terrorism, sabotage, espionage, and subversive activities.

**This position is pending contract award in September 2026 timeframe. **

MEANINGFUL WORK AND PERSONAL IMPACT

As a Cyber Security Analyst, the work youll do at GDIT will be impactful to the mission of the NCIS ITD organization in Quantico, VA

• Supports all authorization package ACAS related tasks assigned to Issues and NQVs. The goal is to provide the required artifacts IAW the Navy Testing Guidance and Risk Management Framework (RMF) Process Guide required for the submission of an RMF Authorization package.

• Manages and validates system security compliance by reviewing Security Technical Implementation Guides (STIGs); utilizes scanning tools to assess and report on STIG compliance, ensuring all security configurations meet DoW requirements and support the RMF A&A process.

• Executes and documents the testing of RMF security controlsto validate their effectiveness and compliance with NCIS policies, providing evidence of control implementation for Assessment & Authorization (A&A) packages.

• Applies a comprehensive understanding of NIST SP 800-53 Revision 5to select, tailor, and document security and privacy controls, ensuring alignment with federal requirements and the specific operational needs of the authorization package

• Performs 90 Day Baseline Scans for each Authorization package in accordance with Navy requirements; provide Detailed Vulnerability List (DVL) Reports for use in the eMASS record; provide ACAS Summary Reports in accordance with the Navy Testing Guidance.

• Conducts weekly and As Needed ACAS scans in support of RMF STEP 3/STEP 4 processes, vulnerability assessments and queries specifically targeting authorization package assets; support continuous monitoring for authorized packages and report vulnerability status of all active Enterprise Security packages; create asset lists using provided hardware lists.

• Performs risk analyses of computer systems and applications during all phases of the system development life cycle using the Assured Compliance Assessment Solution (ACAS) tool.

• Initiates Enterprise Mission Assurance Support Service (eMASS) registrations, prepares, processes, updates and monitors RMFAssessment and Authorization(A&A)packages;ensures A&A packages are evaluated and maintained in a compliant status; implements and validates A&A packages to ensure security controls and vulnerabilities meet DON RMF authorization compliance requirements.

WHAT YOULL NEED TO SUCCEED:

Bring your cybersecurity expertise along with a drive for innovation to GDIT. Our Cyber Security Analyst must have:

• Security Clearance Level: Active TS/SCI required. A Top Secret clearance with SCI Eligibility is also acceptable.

• Required Experience:

• 5+ years of experience in the systems security discipline with specific emphasis on Navy Cybersecurity practices.

• Experience in the development of RMF Assessment and Authorization (A&A) Security Plans (SP), System Level Continuous Monitoring (SLCM), Ports, Protocols and Services Management (PPSM), Host Based Security Systems (HBSS), Assured Compliance Assessment Solution (ACAS) vulnerability scanning and Security Technical Implementation Guides (STIGs).

• Experience with Enterprise Mission Assurance Support Service (eMASS) tools.

• Experience preparing, processing, assessing, validating, and maintaining RMF A&A packagesusingeMASSandXACTA tools.

• Experience with using public key-based technologies for applications.

• Required Certifications: CompTIA Security+ CE

• Education: BS Degree or 4 years additional experience in lieu of degree.

• Location: Onsite at Quantico, VA

• Position Availability: This position is pending contract award in September 2026 timeframe.

• US Citizenship required



WHAT WE'D LOVE FOR YOU TO HAVE:

• Completed Navy RMF training

• Formal ACAS training

• FormaleMASStraining

OWN YOUR OPPORTUNITY
Explore a career in cyber at GDIT and youll find endless opportunities to grow alongside colleagues who share your focus on defending and protecting what matters.

#NCIScareers

The likely salary range for this position is $96,569 - $130,651. This is not, however, a guarantee of compensation or salary. Rather, salary will be set based on experience, geographic location and possibly contractual requirements and could fall outside of this range.

Scheduled Weekly Hours:

40

Travel Required:

None

Telecommuting Options:

Onsite

Work Location:

USA VA Quantico

Additional Work Locations:

Total Rewards at GDIT:

Our benefits package for all US-based employees includes a variety of medical plan options, some with Health Savings Accounts, dental plan options, a vision plan, and a 401(k) plan offering the ability to contribute both pre and post-tax dollars up to the IRS annual limits and receive a company match. To encourage work/life balance, GDIT offers employees full flex work weeks where possible and a variety of paid time off plans, including vacation, sick and personal time, holidays, paid parental, military, bereavement and jury duty leave. To ensure our employees are able to protect their income, other offerings such as short and long-term disability benefits, life, accidental death and dismemberment, personal accident, critical illness and business travel and accident insurance are provided or available. We regularly review our Total Rewards package to ensure our offerings are competitive and reflect what our employees have told us they value most.