Cloud Security Information Analyst

Seize your opportunity to make a personal impact as a Cloud Security Information Analyst supporting the Case Management Modernization (CMM) Program.  The CMM program is an initiative to support the Administrative Office of the US Courts (AO) in developing a modern cloud-based solution to support all 204+ federal courts across the United States.

GDIT is your place to make meaningful contributions to challenging projects and grow a rewarding career. The Cloud Security Information Analyst will work as part of the CMM Application Development team to modernize case management capabilities, improve the user experience, reduce administrative overhead, and position the Judiciary for more responsive and cost-effective IT services over the long term.
 

RESPONSIBILITIES:

• Write documentation required for Authority to Operate (ATO).
• Work with the team to gather and document artifacts for supporting ATO.
• Supporting performance scans, analyze logs, monitor and report vulnerabilities.
• Investigate and analyze issues and incidents.
• Development of cybersecurity architecture with ability to adapt quickly to evolving requirements.
• Provide programming services for a variety of specific systems and business, scientific, or commercial applications.
• Participate in systems analysis, design definition, software development, systems test, implementation, and maintenance.
• Analyze coding problems and develops improvements to procedures.
• Exercise independent judgment. Designs, develops, troubleshoots, debugs, and implements software code (such as HTML, CGI, and JavaScript) for a component of the website.
• Cultivates a "security first" and "test first" approach to test-driven development

REQUIRED EXPERIENCE & QUALIFICATIONS:

• 5+ years’ experience in IT system engineering, systems development, systems coding and programming.
• Bachelor's degree in Computer Science, Software Engineering, or related field.
• Experience using tools to detect cloud-based security issues (1-2+ Years of experience).
• Experience using tools such as AWS Security Hub, SAST, DevSecOps scanning tools such as Gitlab scanners, CNAPP, etc. (1-2+ Years of experience).
• Exposure to SIEM tools like Splunk for monitoring (1-2+ Years of experience).
• Have prior experience performing Incident Response and Forensics (1-2+ Years of experience).
• Experience in Python, Bash Linux commands, NodeJS is a plus (1-2+ Years of experience).
• Knowledge of modern security methods and vulnerabilities.
• Ability to stay up to date on emerging security threats.
• Experienced in software and security testing, especially with containerized applications.
• Understanding of physical security threats and countermeasures.
• Strong "security first" mindset. Understanding of live monitoring of cyber environment for potential attacks, vulnerabilities and log analysis.
• Strong experience in several modern languages (JavaScript, Python, HTML, etc.) with expertise to design, develop, troubleshoot, debug and
  implement high quality code.
• Experience in a wide variety of computing environments including cloud and containerized solutions.