Our work depends on a Cyber Security Operations Analyst joining our team to support National Institutes of Health (NIH), Office of the Director (OD), Office of Information Technology (OIT) activities at Bethesda, MD.
At GDIT, people are our differentiator. As a Cyber Security Operations Analyst supporting OD OIT, you will be trusted to work on the latest technologies for Vulnerability Management and Reporting, Security Event and Information Management (SIEM), Next Generation Firewall, Enterprise Detection and Response (EDR), Web Application Vulnerability Scanning, and Forensic Imaging. In this role, a typical day will include:
Collaborating with OD OIT to enhance overall security posture to protect critical systems
Acting as a system administrator for both Windows and Linux-based systems, including patch deployment, operating system configuration and hardening, and management of hosted applications used for security monitoring and analysis.
Analyzing web-based application security vulnerabilities using both enterprise-grade and manual testing tools.
Collaboratively managing and maintaining application-based firewalls through daily monitoring and necessary configuring of rule-sets, actions, alerts and reporting.
Interfacing directly with vendors to manage deployments and perform troubleshooting of security monitoring tools throughout the environment.
Investigating security incidents in both an independent and collaborative manner, analyzing network packets, captured audit logs, intrusion detection alarms and vulnerability scanning tools.
Documenting the technical details of legitimate incidents in applicable tracking and ticketing systems and directing applicable personnel to perform the actions necessary for remediation.
Communicating routinely with stakeholders across the enterprise to explain and direct vulnerability remediation efforts.
Consulting with clients and team members to provide hardware and software recommendations.
Developing processing standards, procedures, and automation for use by IT staff in a constantly growing and evolving environment.
Responding to alerts by enterprise monitoring across all systems managed by the team and providing daily operational status
Assisting in updating disaster recovery plans and testing continuity of operations
Delivering weekly reports to supervisor
WHAT YOU’LL NEED:
BS degree in Computer Science or Information Technology or other related Engineering field or equivalent
A minimum of two years of relevant experience
Good understanding of application security, particularly as it relates to web-based applications.
Experience with application vulnerability management, including reporting, tracking, and validating remediation
Experience analyzing vulnerabilities, particularly those defined in OWASP's Top 10.
Experience implementing cybersecurity automation
Experience with a scripting language (i.e., Python or PowerShell)
Experience performing incident response functions
Familiarity with Change Management best practices
Good understanding of intrusion detection systems.
Knowledge and understanding of security engineering principles.
Knowledge of Windows and/or Linux Administration is required; hands-on experience is a plus
Ability to obtain an NIH Public Trust
Ability to write clear, concise documentation
Good understanding of NEXGEN firewalls and related technologies.
Experience with at least three of the following tools: Tenable SecurityCenter, Netsparker Web Application Vulnerability Scanner, Carbon Black, Splunk, the Burp Suite, Palo Alto and/or Imperva application firewalls.
Experience developing business deliverables such as Vulnerability Reports
Ability to perform application-based security testing using manual testing tools (e.g., the Burp Suite).
Experience with a ticketing system, such as ServiceNow (preferable) or Remedy
Experience integrating security engineering principles into the enterprise.
Technical certifications, such as CompTIA Cyber Security Analyst (CySA+), Security+, Certified Ethical Hacker (CEH), GIAC Certified Incident Handler (GCIH)
Experience working at NIH
WHAT GDIT CAN OFFER YOU:
Ability to interface with NIH executive office leadership
Full-flex work week
401K with company match
Internal mobility team dedicated to helping you own your career
Collaborative teams of highly motivated critical thinkers and innovators
Ability to make a real impact on the world around you
Not sure this job’s the one for you? Check out our other openings at gdit.com/careers.
We are GDIT. The people supporting some of the most complex government, defense, and intelligence projects across the country. We deliver. Bringing the expertise needed to understand and advance critical missions. We transform. Shifting the ways clients invest in, integrate, and innovate technology solutions. We ensure today is safe and tomorrow is smarter. We are there. On the ground, beside our clients, in the lab, and everywhere in between. Offering the technology transformations, strategy, and mission services needed to get the job done.
GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.