CSfC Information Systems Security Officer (ISSO) III - Ramstein, Germany at General Dynamics Information Technology – Ramstein-Miesenbach, Rheinland-Pfalz

DEU Ramstein - Air Base (APC164)
Full time
RQ215731
Type of Requisition:
Regular

Clearance Level Must Currently Possess:
Secret

Clearance Level Must Be Able to Obtain:
Top Secret

Public Trust/Other Required:
None

Job Family:
Cyber and IT Risk Management

Job Qualifications:

Skills:
Information System Security, Risk Management Framework, Security Information and Event Management (SIEM), Technical Auditing
Certifications:
None
Experience:
6 + years of related experience
US Citizenship Required:
Yes

Job Description:

Job Description Summary

The Information Systems Security Officer (ISSO) III is responsible for ensuring the appropriate operational security posture is maintained for assigned Commercial Solutions for Classified (CSfC) information systems.

This role works in close coordination with the ISSM and system owners and is responsible for day-to-day security operations, with a strong emphasis on security monitoring, audit validation, SIEM engineering, and continuous monitoring activities.

The ISSO will provide technical expertise in log aggregation, telemetry validation, dashboard development, and audit analysis to ensure compliance with NIST 800-53, DoWI 8510.01, and CSfC Capability Package requirements.

This position requires hands-on experience with enterprise SIEM platforms such as Elastic (ELK stack), Splunk, or equivalent technologies.

Performance Shall Include

Operational Security & Continuous Monitoring

• Assist the ISSM in meeting assigned duties and responsibilities in accordance with DoWI 8510.01 and NIST RMF guidance.
• Conduct continuous monitoring activities for assigned authorization boundaries.
• Prepare, review, and update authorization documentation related to audit and monitoring controls.
• Conduct periodic reviews of information systems to ensure compliance with the security authorization package.
• Assess the security impact of system changes and provide recommendations to the ISSM prior to implementation.
• Execute the cybersecurity portion of system self-inspections and assessment activities.

SIEM, Audit & Telemetry Engineering (Primary Focus Area)

• Configure, manage, and optimize enterprise SIEM platforms including Elastic (ELK stack), Splunk, or equivalent.
• Design, build, and maintain dashboards that provide real-time visibility into:
  
  • Authentication and access events
  • Privileged user activity
  • Administrative changes
  • Boundary device and encryption component logs
  • System configuration modifications
  • Network security events
• Develop and tune correlation rules and alert thresholds to improve detection capability and reduce false positives.
• Ensure audit records are properly collected, forwarded, parsed, indexed, and retained in accordance with policy.
• Troubleshoot ingestion failures, log parsing issues, and telemetry gaps.
• Validate time synchronization and log integrity across system components.
• Provide telemetry artifacts and dashboard outputs to support internal and external audits.
• Ensure audit records are reviewed and documented, including identification of anomalies.

CSfC Security Support

• Support implementation and validation of CSfC Capability Package security requirements.
• Ensure appropriate logging and monitoring of encryption components, boundary devices, and supporting infrastructure.
• Coordinate with system and network administrators to ensure monitoring requirements are embedded in system deployments.
• Provide recommendations to enhance monitoring visibility and audit compliance within CSfC enclaves.

RMF & Vulnerability Management Support

• Support RMF lifecycle activities within eMASS.
• Maintain SSP sections related to monitoring and audit architecture.
• Review ACAS scan results and correlate findings with SIEM telemetry.
• Validate STIG implementation and audit configuration settings.
• Assist with development of assessment and authorization documentation and bodies of evidence.

Required Experience

• 7+ years of cybersecurity experience.
• 3+ years of hands-on experience supporting security monitoring, SIEM operations, or ISSO functions.
• Experience configuring and maintaining Elastic (ELK stack), Splunk, or equivalent enterprise SIEM platforms.
• Experience building and customizing security dashboards and telemetry views.
• Experience supporting DoW RMF and continuous monitoring activities.
• Experience reviewing STIGs and correlating vulnerability findings with audit logs.
• Working knowledge of NIST 800-53 Rev 5 controls, particularly AU and SI families.
• Experience with log ingestion pipelines (syslog, Winlogbeat, Filebeat, agents, or equivalent).

Preferred Experience

• Experience supporting CSfC systems.
• Experience establishing monitoring visibility in newly deployed environments.
• Experience tuning alerts and reducing false positives.
• Prior experience as a System Administrator or Network Administrator.
• Elastic or Splunk certification.
• Experience conducting technical audit reviews.

Education

Bachelor's degree in Computer Science, Information Systems, Cybersecurity, Engineering, or related discipline.
Experience may be substituted for education in accordance with company policy.

Certifications

• DoD 8570 IAT Level II minimum (Security+ CE, CySA+, CCNA Security, etc.).
• IAM Level I or II preferred.
• Elastic, Splunk, GSEC, GCIA, or similar monitoring-focused certifications desired.

Clearance

• Active Secret or TS/SCI required.
• Must be eligible to obtain CI Polygraph if required.

GDIT IS YOUR PLACE:

• 401K with company match
• Comprehensive health and wellness packages
• Internal mobility team dedicated to helping you own your career
• Professional growth opportunities including paid education and certifications
• Cutting-edge technology you can learn from
• Rest and recharge with paid vacation and holidays

#DefenseOCONUS

OWN YOUR OPPORTUNITY
Explore a career in cyber at GDIT and you'll find endless opportunities to grow alongside colleagues who share your focus on defending and protecting what matters.

The likely salary range for this position is $93,500 - $126,500. This is not, however, a guarantee of compensation or salary. Rather, salary will be set based on experience, geographic location and possibly contractual requirements and could fall outside of this range.

Total compensation for international positions varies by tax, social security, and immigration statuses, as well as location. Generally, an international assignment may include allowances, premium uplifts, and/or relocation or transportation benefits, above base salary range noted.

Scheduled Weekly Hours:
40

Travel Required:
Less than 10%

Telecommuting Options:
Onsite

Work Location:
International

Additional Work Locations:

Total Rewards at GDIT:
Our benefits package for all US-based employees includes a variety of medical plan options, some with Health Savings Accounts, dental plan options, a vision plan, and a 401(k) plan offering the ability to contribute both pre and post-tax dollars up to the IRS annual limits and receive a company match. To encourage work/life balance, GDIT offers employees full flex work weeks where possible and a variety of paid time off plans, including vacation, sick and personal time, holidays, paid parental, military, bereavement and jury duty leave. To ensure our employees are able to protect their income, other offerings such as short and long-term disability benefits, life, accidental death and dismemberment, personal accident, critical illness and business travel and accident insurance are provided or available. We regularly review our Total Rewards package to ensure our offerings are competitive and reflect what our employees have told us they value most.

We are GDIT. A global technology and professional services company that delivers consulting, technology and mission services to every major agency across the U.S. government, defense and intelligence community. Our 30,000 experts extract the power of technology to create immediate value and deliver solutions at the edge of innovation. We operate across 50 countries worldwide, offering leading capabilities in digital modernization, AI/ML, Cloud, Cyber and application development. Together with our clients, we strive to create a safer, smarter world by harnessing the power of deep expertise and advanced technology.

Join our Talent Community to stay up to date on our career opportunities and events at
gdit.com/tc.

Equal Opportunity Employer / Individuals with Disabilities / Protected Veterans

About Us

Join our 30,000 everyday heroes. We are GDIT. A global technology and professional services company that delivers consulting, technology and mission services to every major agency across the U.S. government, defense and intelligence community. Our 30,000 experts extract the power of technology to create immediate value and deliver solutions at the edge of innovation. We operate across 30 countries worldwide, offering leading capabilities in digital modernization, AI/ML, Cloud, Cyber and application development. Together with our clients, we strive to create a safer, smarter world by harnessing the power of deep expertise and advanced technology. For more information about GDIT's Privacy Policy, click here: