IT Security Analyst (Top Secret)

Clearance Level
Top Secret
Category
Information Security
Location
Arlington, Virginia

REQ#: RQ121913

Travel Required: Less than 10%
Requisition Type: Pipeline

We are GDIT. We support and secure some of the most complex government, defense, and intelligence projects across the country. We ensure today is safe and tomorrow is smarter. Our work has meaning and impact on the world around us, but also on us, and that’s important.  

GDIT is your place. You make it your own by bringing your ideas and unique perspective to our culture. By owning your opportunity at GDIT, you are helping us ensure today is safe and tomorrow is smarter. Our work depends on an IT Security Analyst joining our team to supporting the Office of Inspector General (OIG) for the United States Postal Service (USPS). The location is remote.  The preferred candidate will live within 2 hours of Arlington, VA, to provide in-person support if needed.

The IT Security Office is responsible for protecting the information and assets within the OIG’s information technology infrastructure. The OIG’s information resources are sensitive assets and are critical in the performance of its mission; therefore, information security services help safeguard the information resources entrusted to the OIG. 

At GDIT, people are our differentiator. In this role, a typical day will include: 

  • Manages and administers a wide range of security systems and tools:
    • Administers cloud-based security tools such as, Azure Security Center (Sentinel, Log Analytics, Azure WAF, Defender for Identity, Privileged Identity Manager); Microsoft 365 Security Suite (Defender, Advanced Threat Protection, Cloud Application Security, Protection Portal); Microsoft Security and Compliance Center; Microsoft Endpoint Manager (Intune); multi-factor authentication (MFA); web content filtering; and secure document sharing and collaboration solutions.
    • Responsible for primary or alternate management of all IT Security systems including patch management, upgrades, integration engineering, and reporting.
  • Executes security related operational activities
    • Manages security incident detection, response, remediation.
    • Conducts cyber threat and vulnerability analysis and remediation.
    • Develops security metrics and manages reporting and compliance.
    • Serves as Incident Response Team member.
    • Supports operational implementation of FISMA/NIST standards and industry best practices.
    • Operates cloud-based security tools such as, Azure Security Center (Sentinel, Log Analytics, Azure WAF, Defender for Identity, Privileged Identity Manager); Microsoft 365 Security Suite (Defender, Advanced Threat Protection, Cloud Application Security, Protection Portal); Microsoft Security and Compliance Center; Microsoft Endpoint Manager (Intune); multi-factor authentication (MFA); web content filtering; and secure document sharing and collaboration solutions.
    • Manages IT Security awareness training program in coordination with the Learning Management team, to including developing and delivering IT Security awareness training modules.
    • Manages Password Management system in coordination with Service Desk.
    • Responds to IT Security trouble tickets generated by customers and IT staff. Identifies solutions, works with customer and OCIO team to execute solutions, and manages ticket input, updates, and resolution in the OCIO ticketing system to maintain service level agreements.
  • Supports Security Operations and Engineering by providing technical solution support and expertise
    • Identifies security risks and recommends risk mitigation strategies.
    • Reviews new and existing systems to ensure baseline security requirements are met and to recommend security enhancements.
    • Develops security architecture and technical solutions for security products.
    • Collaborates with staff from OCIO and other business components to develop security controls and solutions for complex business systems and applications.
    • Develops and executes project plans to engineer, construct, deploy, and monitor/manage IT Security infrastructure solutions.
    • Demonstrates in-depth understanding of security requirements associated with cloud-hosted environments, services, and solutions.
    • Evaluates, recommends, and implements security controls associated with cloud-hosted environments, services, and solutions.
    • Evaluates, recommends, and implements security controls for mobile device solutions.

WHAT YOU’LL NEED:  

  • Degree in Information Assurance, Information Systems, Computer Science, or related field.
  • 8+ years of specialized IT experience
  • 5+ years in IT Security
  • SANS GIAC or ISC2 certification(s) (or equivalent)
  • Microsoft certification(s): Azure Security Engineer Associate, Security Operation Analyst Associate, Identity and Access Administrator Associate, Information Protection Administrator Associate (desired)
  • Top Secret Security Clearance (or ability to obtain TS clearance)
  • Demonstrated knowledge of and ability to configure, manage, and administer cloud-based security tools such as, Azure Security Center (Sentinel, Log Analytics, Azure WAF, Defender for Identity, Privileged Identity Manager); Microsoft 365 Security Suite (Defender, Advanced Threat Protection, Cloud Application Security, Protection Portal); Microsoft Security and Compliance Center; Microsoft Endpoint Manager (Intune); multi-factor authentication (MFA); web content filtering; and secure document sharing and collaboration solutions.
  • Skill and Ability in executing Security Operations including incident detection, identification, management, response, and reporting. Must have experience in incident response and management.
  • Skill in making recommendations that significantly influence OIG’s information security policies or programs. Experience building policies and preparing briefings to explain security programs and requirements to senior executives.
  • Skill & Ability to provide expert technical advice, guidance, and recommendations to management and other technical specialists on critical information technology security issues.
  • Skill & Ability to assess risk factors and advise on vulnerability to attack from a variety of sources and procedures for protection of systems and applications.
  • Knowledge & Skill in implementing FISMA, NIST, OMB guidelines, and other Federal regulations and guidance. Experience interpreting and implementing FISMA/NIST requirements focused on the operational implementation and documentation of those requirements.
  • Knowledge of security controls for cloud-hosted environments, applications, and services.
  • Experience developing System Security Plans, Security Assessment Reports, Continuous Monitoring Plans, and Plans of Action & Milestones.
  • Ability to ensure coordination and collaboration on security activities.
  • Ability to effectively communicate both orally and in writing with management and other technical specialists.
  • Ability to plan, organize and manage tasks on time with minimal supervision

WHAT GDIT CAN OFFER YOU: 

  • Full-flex work week 
  • 401K with company match 
  • Internal mobility team dedicated to helping you own your career 
  • Challenging work that makes a real impact on the world around you 
  • Diverse, highly collaborative teams 

The security clearance for this program requires the selected candidate to have resided in the US for the past five years. The selected candidate cannot have left the country for longer than 90 consecutive days and no more than 180 cumulative days. Candidate must also possess a Top-Secret security clearance or be able to obtain such. U.S. Citizenship Required.

#USPSOIG #OpportunityOwned #GDITCareers #GDITLife #WeareGDIT #azuresecuritycenter #itsecurityanalyst


About Our Work

We are GDIT. The people supporting some of the most complex government, defense, and intelligence projects across the country. We deliver. Bringing the expertise needed to understand and advance critical missions. We transform. Shifting the ways clients invest in, integrate, and innovate technology solutions. We ensure today is safe and tomorrow is smarter. We are there. On the ground, beside our clients, in the lab, and everywhere in between. Offering the technology transformations, strategy, and mission services needed to get the job done.

COVID-19 Vaccination

GDIT does not have a vaccination mandate applicable to all employees. To protect the health and safety of its employees and to comply with customer requirements, however, GDIT may require employees in certain positions to be fully vaccinated against COVID-19. Vaccination requirements will depend on the status of the federal contractor mandate and customer site requirements.

GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.