×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Information Security

CSfC Information Systems Security Technical Auditor

Job in National City, San Diego County, California, 92180, USA
Listing for: General Dynamics Information Technology
Full Time position
Listed on 2026-01-06
Job specializations:
  • IT/Tech
    Cybersecurity, Information Security
Job Description & How to Apply Below

Type of Requisition: Regular

Clearance Level Must Currently Possess: Top Secret

Clearance Level Must Be Able to Obtain: Top Secret

Public Trust/Other

Required:

 None

Job Family: Cyber and IT Risk Management

Job Qualifications:

Skills: Cross Domain Solutions, Information System Security, Risk Management Framework, Technical Auditing

Certifications: None

Experience: 6+ years of related experience

US Citizenship

Required:

 Yes

Position Overview

The Commercial Solutions for Classified (CSfC) Information Systems Security Specialist is responsible for the assessment, review, and lifecycle security oversight of multi‑vendor CSfC architectures in accordance with NSA policies and Capability Packages (CPs). This role ensures classified information is protected through layered commercial technologies and supports the maintenance of NSA CSfC Registration, Cross Domain Solution Element (CDS‑E) Assessment and Authorization (A&A) approvals, and Authority to Operate (ATO) packages.

This position is assessment-focused and does not perform day‑to‑day system engineering or operational administration. The role evaluates the implementation and effectiveness of security controls and supporting evidence to support risk‑based authorization decisions.

The security specialist works closely with system architects, program managers, ISSOs, ISSEs, and accreditation authorities to ensure solutions meet technical, operational, and security requirements throughout the system lifecycle. A strong technical background is recommended to effectively perform security assessment responsibilities.

Key Responsibilities Systems Security Assessment
  • Conduct technical security assessments as part of the RMF lifecycle, with emphasis on control implementation and effectiveness.
  • Review CSfC solution architectures, enclave boundaries, and data flows to support assessment activities and risk determinations.
  • Identify, prioritize, and track vulnerability scan findings from an assessment and reporting perspective
    .
  • Review Security Technical Implementation Guides (STIGs)
    for compliance and assessment purposes
    .
  • Review Security Information and Event Management (SIEM) solutions to validate appropriate logging, alerting, and monitoring capabilities.
Documentation & Accreditation
  • Develop, review, and maintain security documentation including:
    • eMASS authorization packages
    • NSA CSfC Registration packages
    • Cross‑Domain Solution (CDS) Assessment & Authorization (A&A) packages
  • Document and track Plans of Actions and Milestones (POA&M) findings.
Compliance & Risk Management
  • Assess system compliance with applicable policies and frameworks, including:
    • CSfC Capability Packages (Mobile Access and Multi‑Site Connectivity)
    • NIST SP 800‑53 Rev. 5 security controls
    • Air Force and USAFE‑specific cybersecurity policies
  • Conduct security reviews for proposed product substitutions, upgrades, or configuration changes to assess security impact and risk.
Security Leadership
  • Provide technical assessment guidance to engineers, Authorizing Officials (or their designated representatives), and other stakeholders.
  • Interface with NSA CSfC, CDS‑E, and AO personnel as required to support assessment and authorization activities.
Required Qualifications
  • Bachelor’s degree in Cybersecurity, Computer Science, Information Systems, or related field, or equivalent experience.
  • 5–10+ years of experience in cybersecurity engineering, security assessment, or related roles.
  • Demonstrated experience assessing technical security controls in complex system environments.
  • Strong understanding of:
    • Encryption technologies including IPsec, VPNs, and certificates
    • Network engineering fundamentals (routing, switching, VLANs)
    • RMF lifecycle, NSA CSfC architecture, and CDS concepts
  • Familiarity with CSfC‑approved components such as firewalls, VPN gateways, and cross‑domain solutions.
  • Experience supporting NIST RMF and NIST SP 800‑53 Rev. 5 implementations.
  • Experience developing or supporting A&A documentation and/or NSA CSfC registration packages.
  • Must meet applicable DoD 8140 requirements for cybersecurity roles.
Preferred Qualifications
  • Experience aligned with IAM Level II or IAT Level II roles.
  • DoD 8570/8140 baseline certification (e.g., CISSP, CASP+,…
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)

Job Posting Language
Employment Category
Education (minimum level)
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search