Vulnerability Testing Analyst

Own your career as a Vulnerability Testing Analyst at GDIT. Here, you’ll have the opportunity to build strong lines of cyber defense using cutting-edge technologies. Your work in cyber security at GDIT will have an impact on securing our clients’ missions and ensuring we anticipate the threats of tomorrow.

At GDIT, people are our differentiator. As a Vulnerability Testing Analyst you will help ensure today is safe and tomorrow is smarter. Our work depends on a TS/SCI cleared Vulnerability Testing Analyst joining our team to support our intelligence customer in Springfield, VA.

HOW A VULNERABILITY TESTING ANALYST WILL MAKE AN IMPACT

Provide all preventative and corrective maintenance to ensure consistent, reliable, and secure service availability. This includes all actions required to return the service to full operational capability such as vendor RMA processes, removal and proper disposal of broken equipment/software, installation and testing of new equipment/software, and configuration of new equipment/software

• Perform day-to-day maintenance, and specific scheduled maintenance activities that result from manufacturers recommended service intervals, alerts, bulletins, available patches, and updates according to agency approved change management processes. This includes maintaining updated documentation, change logs, and service bulletin libraries for all supported equipment and software in the CSOC knowledge management platform
• Execute emergency maintenance actions with sufficient urgency to preclude unacceptable outage durations, approved by the Government prior to execution, and coordinated through and approved by CSOC and ESC government management
• Perform all development, engineering, testing, integration, and implementation actions necessary for major vendor revisions
• Perform continuous engineering assessments to improve the performance, effectiveness, coverage, and maturity of this service. These assessments are limited to improvements that can be achieved without the purchase of additional hardware or software
• Perform all development, design, engineering, testing, integration, and implementation actions necessary to perform a full technology refresh every four years or upon Asset contract recompete, whichever comes first (Note: The assets supporting this service are acquired through a DoD contract). This includes the removal and disposal of the legacy capability

More About the Role

• Operate all assets assigned to this service within the Government Furnished Information - Software Tools list in accordance with vendor instructions, industry best practice, and government directives, polices, procedures, etc.
• Ensure all required data is routed to the DoD CMRS database in the appropriate format, and validate the accuracy of data contained within CMRS weekly
• Configure all assets assigned to this service within the Government Furnished Information - Software Tools list in accordance with all customer laws, directives, orders, polices, guidance, procedures etc.
• Ensure this service provides 100% coverage of all applicable customer enclaves, domains, information flows, and devices. Provide weekly reports to CSOC government leadership on any people, processes, or technology challenges preventing the achievement of 100% coverage
• Use various monitoring, analysis, and visualization tools to track effectiveness, status, performance metrics, and other information as needed or required by CSOC government staff and contractors assigned Cybersecurity Operations Services and Cybersecurity Readiness Services
• Track vendor end of life and end of support status for assets in CDRL D0009 Asset Inventory Perform all development, design, engineering, testing, integration, and implementation actions needed for the total integration and interoperability between all applicable assets in the Government Furnished Information - Software Tools list. This includes ensuing all data flows are properly parsed for ingestion/transmission to the Security Information and Event Management (SIEM), and other internal and external automated reporting systems
• Utilize agency approved ticketing systems to document, track, assign, update, and coordinate all engineering, integration, configuration, and maintenance actions
• Report as vendor updates are received

WHAT YOU’LL NEED TO SUCCEED:

• Bachelor's Degree and or equivalent experience in a related field
• DoD 8570 IAT II and CSSP Analyst certifications required
• 6 years of experience working in CSOS III, specific with Audit Enterprise
• Top Secret/SCI clearance with the ability to obtain a polygraph
• Perform all development, design, engineering, testing, integration, and implementation actions needed for the total integration and interoperability between all applicable assets in the Government Furnished Information - Software Tools list. This includes ensuing all data flows are properly parsed for ingestion/transmission to the Security Information and Event Management (SIEM), and other internal and external automated reporting systems
• Utilize agency approved ticketing systems to document, track, assign, update, and coordinate all engineering, integration, configuration, and maintenance actions

These Qualifications Would Be Nice to Have

• IAT III and Master's degree

Location: On Customer Site
US Citizenship Required

GDIT IS YOUR PLACE:

● 401K with company match
● Comprehensive health and wellness packages
● Internal mobility team dedicated to helping you own your career
● Professional growth opportunities including paid education and certifications
● Cutting-edge technology you can learn from
● Rest and recharge with paid vacation and holidays