• Design, implement, and continuously mature critical security programs, acting as the primary technical owner for Data Loss Prevention (DLP) to safeguard sensitive company data across the environment. • Engineer and optimize our Security Information and Event Management (SIEM) platform. Oversee log ingestion strategies, write complex custom detection rules, and leverage scripting (e.g., Python, PowerShell) to automate alert triage and response workflows. • Lead proactive vulnerability hunting and assessment initiatives. Continuously evaluate infrastructure weaknesses and partner closely with IT and infrastructure teams to drive and track remediation of identified risks. • Act as the primary technical responder and incident commander during security events. Perform deep-dive forensic analysis, coordinate technical investigations, and guide cross-departmental teams through containment, eradication, and post-incident reviews. • Evaluate, deploy, and maintain the operational security tech stack. Ensure tools integrate seamlessly with the existing environment, continuously tuning them to reduce false positives and maximize return on investment. • Serve as a subject matter expert and technical mentor within the broader technology organization, fostering a culture of security awareness and collaborative risk mitigation.

Title: Security Operations Security Director /Cybersecurity Sr. Manager Location: USA TX Austin - 7100 Metropolis Drive, Austin III (TXC138) Job Description: Type of Requisition: Pipeline Clearance Level Must Currently Possess: None Clearance Level Must Be Able to Obtain: None Public Trust/Other Required: Other Job Family: Cyber and IT Risk Management Job Qualifications: Skills: Compliance Frameworks, Cyber Security Governance, Cyber Security Management Certifications: None Experience: 10 + years of related experience US Citizenship Required: No Job Description: The Security Director is the senior leader responsible for the governance, compliance, and overarching security posture of a Managed IT Security Operations contract. This role oversees adherence to regulatory frameworks, contractual requirements, and internal governance standards while ensuring the program’s security operations are executed with audit-readiness, risk awareness, and policy alignment at their core. The Security Director serves as the primary authority for cybersecurity compliance, governance controls, and enterprise-level security oversight. Key Responsibilities: • Lead the development, implementation, and enforcement of the contract’s cybersecurity governance framework, ensuring alignment with NIST, CIS, ISO, and all applicable regulatory requirements. • Oversee all compliance activities, including evidence collection, control validation, audit preparation, and corrective action tracking. • Ensure continuous compliance with federal, state, and industry standards, including data protection, privacy regulations, and customer-specific governance requirements. • Establish and maintain policies, procedures, SOPs, and security documentation that support a consistent and mature governance posture. • Serve as the primary liaison for compliance-related communication with customer stakeholders, auditors, and internal executives. • Lead risk management initiatives, including risk assessments, gap analyses, plan of action and milestones (POA&M) management, and mitigation planning. • Oversee the governance layer of SOC operations, ensuring operational practices meet internal and external compliance obligations. • Direct enterprise reporting activities, including compliance dashboards, governance metrics, and executive summaries reflecting organizational security posture. • Monitor changes in regulatory requirements and ensure the program is proactively positioned to meet evolving compliance expectations. • Collaborate with security engineering, SOC leadership, and program management to ensure all operational decisions integrate governance and risk considerations. • Support security architecture reviews and ensure technology decisions adhere to approved security baselines and compliance frameworks. • Lead or support incident response governance, including breach notification processes, documentation standards, and compliance-related reporting. Required Qualifications: • Bachelor’s degree in Cybersecurity, Information Assurance, Compliance, or related field (or equivalent work experience). • 10+ years of cybersecurity or compliance leadership experience, preferably within MSS/MSP or security operations environments. • Deep knowledge of governance and compliance frameworks (NIST RMF and CSF, ISO 27001, CIS Controls, FedRAMP, PCI-DSS, HIPAA, etc.). • Proven experience preparing for and supporting internal and external audits. • Demonstrated ability to build and manage governance programs in complex, multi‑platform IT environments. • Expertise in risk management, policy development, and compliance reporting. • Relevant certifications such as CISSP, CISM, CISA, CGEIT, CRISC, or similar. Preferred Qualifications: • Experience supporting government contracts or highly regulated industries. • Familiarity with cloud governance programs across AWS, Azure, and GCP. • Experience with Zero Trust governance models. • Additional certifications in audit, governance, or cloud security. Key Competencies: • Compliance and governance leadership • Policy and procedure development • Exceptional documentation and audit readiness • Strategic risk management • Strong communication and stakeholder alignment • Analytical decision-making Additional Information: Location: Austin, TX. expect to be in office 2-5 days a week. Timeline: This is a contingent role, expected to start between December 2026 and March of 2027. GDIT IS YOUR PLACE: - Full-flex work week to own your priorities at work and at home - 401K with company match - Comprehensive health and wellness packages - Internal mobility team dedicated to helping you own your career - Professional growth opportunities including paid education and certifications - Cutting-edge technology you can learn from - Rest and recharge with paid vacation and holidays The likely salary range for this position is $147,292 - $199,278. This is not, however, a guarantee of compensation or salary. Rather, salary will be set based on experience, geographic location and possibly contractual requirements and could fall outside of this range. Scheduled Weekly Hours: 40 Travel Required: Less than 10% Telecommuting Options: Hybrid Work Location: USA TX Austin Additional Work Locations: Total Rewards at GDIT: Our benefits package for all US-based employees includes a variety of medical plan options, some with Health Savings Accounts, dental plan options, a vision plan, and a 401(k) plan offering the ability to contribute both pre and post-tax dollars up to the IRS annual limits and receive a company match. To encourage work/life balance, GDIT offers employees full flex work weeks where possible and a variety of paid time off plans, including vacation, sick and personal time, holidays, paid parental, military, bereavement and jury duty leave. To ensure our employees are able to protect their income, other offerings such as short and long-term disability benefits, life, accidental death and dismemberment, personal accident, critical illness and business travel and accident insurance are provided or available. We regularly review our Total Rewards package to ensure our offerings are competitive and reflect what our employees have told us they value most.

• Actively monitor and respond to security alerts from tools such as SIEM, EDR, CNAP, etc. • Analyze security alerts and document tuning opportunities to reduce false positives. • Support change management responsibilities to reduce security risk/impact to corporate systems and networks. • Contribute to security tooling policies and supporting process enhancement as needed to mature defense controls and facilitate exceptions for BAU operations. • Initiate and coordinate incident response activities. Maintain documentation and reports for compliance purposes. • Configure and run network and endpoint vulnerability scans. Closely collaborate with technical teams to mitigate risks through patching and configuration changes. • Assess and evaluate the suitability of existing and new security tools to bolster the organization’s security posture

• Monitor, triage, and respond to security alerts, events, and incidents following defined SOC procedures and playbooks • Perform initial investigations to determine alert validity, scope, and potential impact • Accurately document investigations, actions taken, and outcomes in the ticketing system • Independently handle routine and low-to-moderate severity alerts and escalate higher-risk incidents as required • Identify patterns, recurring alerts, or anomalies and document findings for review by senior analysts • Communicate investigation findings clearly and professionally with internal teams and customers • Assist in identifying potential security gaps or misconfigurations and escalate observations appropriately • Support the monitoring and day-to-day operation of security tools and platforms • Follow all information security, privacy, and data protection policies when handling client data • Contribute to the maintenance and improvement of SOC documentation, procedures, and playbooks • Stay informed on common attack techniques, emerging threats, and relevant vulnerabilities • Maintain focus and accuracy while working in a fast-paced, alert-driven environment