The Cyber Security Configuration Analyst will provide technical expertise for evaluating a wide array of new and emerging technologies, and developing recommendations for security configuration baselines. The analyst will be responsible for developing security configuration standards that implement Departmental policy, technical security countermeasures, and industry best practices.
The Cyber Security Configuration analyst will also evaluate various technical and policy questions, providing written responses to a wide range of audiences.
The ideal candidate will have base knowledge of cyber security principles and best practices, familiarity with Defense Information System Agency (DISA) Security Technical Implementation Guides (STIGs), a foundational knowledge of Windows and Linux server operating systems, and experience managing Active Directory.
Uses data collected from a variety of cyber defense tools (e.g., IDS alerts, firewalls, network traffic logs) to analyze events that occur within their environments for the purposes of mitigating threats.
Promote awareness of security issues among management and ensure sound security principles are reflected in organizations’ visions and goals.
Research security threat vectors and participate in government and industry conferences and training that impact existing standards and/or principles and provide information to customer on potential impact
Create bulletins, alerts, and/or advisories related to published or developmental standards and/or principle documents
Ensure that rigorous application of information security/information assurance policies, principles, and practices are implemented in the delivery of all IT services.
Evaluate a wide array of existing, new, modified, and/or emerging technologies and develop recommended security configuration baselines documents that implement Departmental policy, technical security solutions, and industry best practices in alignment with Defense Information Systems Agency (DISA) Security Technical Implementation Guide (STIG) as much as possible
Actively participate in respective change review and control boards, providing written and verbal recommendations
Respond to various technical and policy questions from a wide range of customers/users with guidance and clarifications
Promote awareness of cybersecurity standards and principles among the customer stakeholders, coworkers, and the Department users
Collaborate with fellow team members and various internal and external stakeholders to share information and knowledge to establish and maintain a productive line of communication
Streamline processes to improve efficiency of Mission goals
Manage information and updates in SharePoint repositories
Ensures that cybersecurity plans, controls, processes, standards, policies and procedures are aligned with cybersecurity standards
Identifies security risks and exposures, determines the causes of security violations and suggests procedures to halt future incidents and improve security.
Develops techniques and procedures for conducting cybersecurity risk assessments and compliance audits, the evaluation and testing of hardware, firmware and software for possible impact on system security, and the investigation and resolution of security incidents such as intrusion, frauds, attacks or leaks.
DESIRED QUALIFICATIONS: BA/BS (or equivalent experience), 4+ years of experience
· Knowledge of cybersecurity and privacy principles
· Knowledge of Cyber Security National Policies, Directives, and Laws
· Knowledge of basic system, network, and OS hardening techniques
** TEMPORARY ** Temporary position currently funded through August 16th.
We are GDIT. The people supporting some of the most complex government, defense, and intelligence projects across the country. We deliver. Bringing the expertise needed to understand and advance critical missions. We transform. Shifting the ways clients invest in, integrate, and innovate technology solutions. We ensure today is safe and tomorrow is smarter. We are there. On the ground, beside our clients, in the lab, and everywhere in between. Offering the technology transformations, strategy, and mission services needed to get the job done.
GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.