Cyber Security Operations Analyst

Clearance Level
Cyber Security
Bethesda, Maryland

REQ#: RQ85195

Travel Required: None
Public Trust: NACI (T1)
Requisition Type: Regular

Our work depends on a Cyber Security Operations Analyst joining our team to support National Institutes of Health (NIH), Office of the Director (OD), Office of Information Technology (OIT) activities at Bethesda, MD.

At GDIT, people are our differentiator. As a Cyber Security Operations Analyst supporting OD OIT, you will be trusted to work on the latest technologies for Vulnerability Management and Reporting, Security Information and Event Management (SIEM), Next Generation Firewall, Endpoint Detection and Response (EDR), Web Application Vulnerability Scanning, and Forensic Imaging. In this role, a typical day will include:

  • Collaborating with OD OIT to enhance overall security posture to protect critical systems
  • Acting as a system administrator for both Windows and Linux-based systems, including patch deployment, operating system configuration and hardening and management of hosted applications used for security monitoring and analysis.
  • Analyzing web-based application security vulnerabilities using both enterprise-grade and manual testing tools.
  • Collaboratively managing and maintaining application-based firewalls through daily monitoring and necessary configuring of rule-sets, actions, alerts and reporting.
  • Interfacing directly with vendors to manage deployments and perform troubleshooting of security monitoring tools throughout the environment.
  • Investigating security incidents in both an independent and collaborative manner, analyzing network packets, captured audit logs, intrusion detection alarms and vulnerability scanning tools.
  • Documenting the technical details of legitimate incidents in applicable tracking and ticketing systems and directing applicable personnel to perform the actions necessary for remediation.
  • Communicating routinely with stakeholders across the enterprise to explain and direct vulnerability remediation efforts.
  • Consulting with clients and team members to provide hardware and software recommendations.
  • Developing processing standards, procedures, and automation for use by IT staff in a constantly growing and evolving environment.
  • Responding to alerts by enterprise monitoring across all systems managed by the team and providing daily operational status
  • Assisting in updating disaster recovery plans and testing continuity of operations
  • Delivering weekly reports to supervisor


Required Qualifications:

  • BS degree in Computer Science or Information Technology or other related Engineering field or equivalent
  • A minimum of two years of relevant experience
  • Good understanding of application security, particularly as it relates to web-based applications.
  • Experience with application vulnerability management, including reporting, tracking, and validating remediation
  • Experience analyzing vulnerabilities, particularly those defined in the OWASP Top 10.
  • Experience implementing cybersecurity automation
  • Experience with a scripting language (i.e., Python or PowerShell)
  • Experience performing incident response functions
  • Familiarity with Change Management best practices
  • Good understanding of intrusion detection systems.
  • Knowledge and understanding of security engineering principles.
  • Knowledge of Windows and/or Linux Administration is required; hands-on experience is a plus
  • Ability to obtain an NIH Public Trust

Preferred Qualifications:

  • Ability to write clear, concise documentation
  • Good understanding of NEXGEN firewalls and related technologies.
  • Experience with at least three of the following tools: Tenable SecurityCenter, Netsparker Web Application Vulnerability Scanner, Carbon Black, Splunk, the Burp Suite, Palo Alto and/or Imperva application firewalls.
  • Experience developing business deliverables such as Vulnerability Reports
  • Ability to perform application-based security testing using manual testing tools (e.g., the Burp Suite).
  • Experience with a ticketing system, such as ServiceNow (preferable) or Remedy
  • Experience integrating security engineering principles into the enterprise.
  • Technical certifications, such as CompTIA Cyber Security Analyst (CySA+), Security+, Certified Ethical Hacker (CEH), GIAC Certified Incident Handler (GCIH)
  • Experience working at NIH


  • Ability to interface with NIH executive office leadership
  • Full-flex work week
  • 401K with company match
  • Internal mobility team dedicated to helping you own your career
  • Collaborative teams of highly motivated critical thinkers and innovators
  • Ability to make a real impact on the world around you


Opportunity Owned


We are GDIT. The people supporting some of the most complex government, defense, and intelligence projects across the country. We deliver. Bringing the expertise needed to understand and advance critical missions. We transform. Shifting the ways clients invest in, integrate, and innovate technology solutions. We ensure today is safe and tomorrow is smarter. We are there. On the ground, beside our clients, in the lab, and everywhere in between. Offering the technology transformations, strategy, and mission services needed to get the job done.

GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.