IT Risk and Compliance Principal
Company: GD Information Technology
Location: Germantown
Posted on: April 1, 2026
Job Description:
Type of Requisition: Regular
Clearance Level Must Currently Possess: Top Secret
Clearance Level Must Be Able to Obtain: Top Secret
Public Trust/Other Required: None
Job Family: Cyber and IT Risk Management

Job Qualifications:
Skills: Information Security Risk Management, Risk Analysis, Risk Management Information Systems
Certifications: None
Experience: 5 years of related experience
US Citizenship Required: Yes

Job Description:

IT RISK AND COMPLIANCE SPECIALIST PRINCIPAL

Advance your career while impacting our
national security in cyber as an IT Risk and Compliance Specialist
Senior at GDIT. Here, technologists have many paths to grow a
meaningful career supporting cyber missions and operations across
the federal government. Transform technology into opportunity as an
IT Risk and Compliance Specialist Principal with GDIT. A career in
enterprise IT means connecting and enhancing the systems that
matter most. At GDIT you’ll be at the forefront of innovation and
play a meaningful part in improving how agencies operate. We are
seeking an experienced and highly skilled IT Risk and Compliance
Specialist Principal to join the Technology Shared Services (TSS)
Governance Risk and Compliance (GRC) team. The TSS GRC team
provides services across GDIT Divisions / Programs to ensure the
confidentiality, integrity, and availability of GDIT and our
customers’ information systems while supporting compliance
governance with relevant regulations and standards. This
opportunity is for a pending government task order award. The ideal
candidate will have strong technical skills and possess deep
expertise in IT risk management, regulatory compliance, and
information security, as well as proven experience in a leadership
role with the ability to work effectively with various stakeholders.

HOW THE IT RISK AND COMPLIANCE SPECIALIST PRINCIPAL WILL MAKE AN IMPACT:
- Govern the cyber security hygiene of GDIT’s and our customer’s information technology systems ensuring their integrity and protection.
- Monitor, analyze and assess the security posture of GDIT’s and our customer’s Cloud and on-premises environments for security gaps, access controls, network settings, misconfigurations, and areas of high risks based on industry’s best practices and regulatory requirements.
- Maintain accurate and current security documentation including plans, processes, architecture, audit findings and records (i.e., corrective actions).
- Implement security audit reviews verifying that the audit records are collected and reviewed.
- Proactively monitor emerging security threats and technology advancements to recommend and implement process and tools improvements.
- Recommend and implement process and tools improvements.

WHAT YOU’LL NEED TO SUCCEED:
- Bachelor’s degree in computer science, information technology, information/cyber security or a related field or relative experience
- Minimum of 5 years of experience in IT risk management, IT compliance, or information security, with a significant portion in a leadership role (e.g., ISSO, ISSE, ISSM)
- Certifications such as CISSP, CISM, or CISA
- Creation and submission of Authorization to Operate (ATO) package
- Experience in security role managing projects as well as delivering and supporting customer security requirements
- Excellent problem-solving, analytical, and communication skills
- Ability to effectively collaborate across multi-functional teams
- Demonstrated experience performing complex technical tasks with minimal direction
- Possesses experience with communicating and presenting technical solutions and status to executives, key stakeholders and decision makers
- Experience with security tools and technologies (e.g., Firewalls, VPNs, SIEM, End Point Protection, Vulnerability & Compliance Scanning, Identity & Access Management)
- Strong understanding of security boundary protection strategies to include Intrusion Detection/Prevention devices, compensating controls, and firewall rules
- Experience supporting new business opportunities developing solutions, participating in oral presentations, and supporting costing / pricing
- IT risk management frameworks and regulatory requirements (e.g., NIST 800-171, 800-172, 800-53, ISO 27001, COBIT)
- Security and privacy controls (e.g., CIS Level 2, DISA STIG)
- Cybersecurity Maturity Model Certification (CMMC)
- Security authorization process (e.g., FedRAMP, ATO)
- IT audits and associated processes

PREFERRED:
- ServiceNow architecture
- Contingency planning and disaster recovery

CLEARANCE: Active security clearance (Top Secret or Department of Energy (DoE) Q)

LOCATION: On-site at customer location either in Germantown, MD or Washington DC

GDIT IS YOUR PLACE

At GDIT, the mission is our purpose, and our people are at the center of everything we do.
- Growth: AI-powered career tool that identifies career steps and learning opportunities
- Support: An internal mobility team focused on helping you achieve your career goals
- Rewards: Comprehensive benefits and wellness packages, 401K with company match, and competitive pay and paid time off
- Flexibility: Full-flex work week to own your priorities at work and at home
- Community: Award-winning culture of innovation and a military-friendly workplace

The likely salary range for this position is $123,250 -
$166,750. This is not, however, a guarantee of compensation or
salary. Rather, salary will be set based on experience, geographic
location and possibly contractual requirements and could fall
outside of this range.

Scheduled Weekly Hours: 40
Travel Required: 10-25%
Telecommuting Options: Onsite
Work Location: USA DC Washington
Additional Work Locations: USA MD Germantown

Total Rewards at GDIT:

Our benefits package for all US-based employees
includes a variety of medical plan options, some with Health
Savings Accounts, dental plan options, a vision plan, and a 401(k)
plan offering the ability to contribute both pre and post-tax
dollars up to the IRS annual limits and receive a company match. To
encourage work/life balance, GDIT offers employees full flex work
weeks where possible and a variety of paid time off plans,
including vacation, sick and personal time, holidays, paid
parental, military, bereavement and jury duty leave. To ensure our
employees are able to protect their income, other offerings such as
short and long-term disability benefits, life, accidental death and
dismemberment, personal accident, critical illness and business
travel and accident insurance are provided or available. We
regularly review our Total Rewards package to ensure our offerings
are competitive and reflect what our employees have told us they
value most.

We are GDIT. A global technology and professional
services company that delivers consulting, technology and mission
services to every major agency across the U.S. government, defense
and intelligence community. Our 30,000 experts extract the power of
technology to create immediate value and deliver solutions at the
edge of innovation. We operate across 50 countries worldwide,
offering leading capabilities in digital modernization, AI/ML,
Cloud, Cyber and application development. Together with our
clients, we strive to create a safer, smarter world by harnessing
the power of deep expertise and advanced technology. Join our
Talent Community to stay up to date on our career opportunities and
events at gdit.com/tc.

Equal Opportunity Employer / Individuals
with Disabilities / Protected Veterans