Cyber Information Security Analyst

Clearance Level
Secret
Category
Information Security
Location
Saint Inigoes, Maryland

REQ#: RQ91407

Travel Required: None
Requisition Type: Pipeline

GDIT is seeking Information Security Analysts at multiple levels to support a $100M+ US Navy program that provides full spectrum Command, Control, Communications, Computers, Combat Systems, Intelligence, Surveillance, and Reconnaissance (C5ISR) technical support to the warfighter in the Continental United States (CONUS), Outside the Continental United States (OCONUS), and in hazardous areas. These critical C5ISR solutions will support a broad range of Department of Defense (DoD) and non-DoD customers, including joint forces commands and disaster recovery/first responders. In support of this program, GDIT will perform and provide computer systems engineering services to perform tasks in support of assigned Distance Learning (DL) related technologies and systems including Learning Management Systems (LMS) and Knowledge Management Systems (KMS) support. 

Program tasking includes provisioning of infrastructure (hardware, software, and cloud services), infrastructure operational support, content development and training, software development, maintenance and enhancement, and some Help Desk support. The GDIT team will supply a full range of system capabilities to include all infrastructure and unique implementation elements. Additionally, the team will develop knowledge sharing strategies and techniques, and deploy various custom systems, that will support distance education and training content, and instructor led training, and producing professional training.

Job duties of an Information Security Analyst may include:

  • Serve as a lead for the team responsible for information assurance posture of networks and systems and support system certification and accreditation.

  • Plan, implement, upgrade, or monitor security measures for the protection of computer network/systems and information. Assess system vulnerabilities for security risks and propose and implement risk mitigation strategies.

  • May ensure appropriate security controls are in place that will safeguard digital files and vital electronic infrastructure.

  • Provide analysis, integration, testing, and maintenance of network/systems. Lead the development of system IA documentation to support certification of compliance to applicable standards.

This may include:

  • Conduct the full spectrum of operational security support, maintaining an in-depth cybersecurity posture, providing security program implementation reports. 

  • Process access requests, plan and manage user accounts, domain groups, accounts, alt tokens and other accounts used to access key system components, and conduct periodic reviews of access lists, revoking access when necessary.

  • Maintain awareness and comply with DoD and industry standards and technologies used for cryptography and maintain certificates and infrastructure used to secure system data.

  • Respond to security incidents and provide incident notification and handling as required via specific Government directed policies.

  • Monitor systems, applications, and logs to identify potential unauthorized access attempts as required via specific Government directed policies.

  • Conduct vulnerability assessments and provide comprehensive scans and audits of complete security boundaries including all network and computer-related assets, policies, and processes to maintain the required system security posture. 

  • Review, analyze, and develop vulnerability mitigation strategies for all Information Assurance Vulnerability Alerts (IAVA), Information Assurance Vulnerability Bulletins (IAVB), and Operational Directives (OPDirs) and implement vulnerability corrections.

  • Senior level position will be consulted to respond to major computer security breaches and viruses, with a focus on forensic analysis and understanding of recent intrusion events. Determine the method of attack, identify any data that may have been exfiltrated, identify residual code, and clean the system. Conduct offensive penetration, simulation of current adversaries’ tactics and tools and advise on how to ensure appropriate security controls are in place that will safeguard digital files and vital electronic infrastructure.

REQUIRED SKILLS/EXPERIENCE:

  • Secret and/or Top Secret Clearance

  • Technical or IT Discipline Master’s or Bachelors degree plus four (4) years of additional work experience related to the applicable labor categories; required experience may be substituted for a Masters degree. “Technical disciplines,” when used in relation to educational or work experience requirements, shall mean a degree in the field of computer science, information systems management, computer engineering, mathematics, physics, electrical engineering, or mechanical engineering. “IT discipline,” when used in relation to educational or work experience requirements, shall mean a degree in the field of computer science, computer engineering, software engineering, network engineering, information systems, cyber security, or management information systems technology.

  • Of the minimum ten (10) years of required experience, at least five (5) years of the experience must be in all phases of IA and cybersecurity within contractual vehicles of a similar man-hour size and technically complex scope.

  • Additionally, at least five (5) years of experience must include practical computer security experience in secure network and system design, analysis, procedure/test generation, test execution, and implementation of computer/network security mechanisms.

DESIRED SKILLS/EXPERIENCE

  • Use tools such as Elastic Stack and Splunk for the central event log repository in support of conducting the full spectrum of operational security support, maintaining an in-depth cybersecurity posture, providing security program implementation reports. 

  • Use tools such as HBSS to monitor, detect, and defend the DOD computer networks and systems.

  • Monitor and analyze Intrusion Detection Systems (IDS) to identify security issues for remediation.

  • Recognize potential, successful, and unsuccessful intrusion attempts and compromises through reviews and analyses of relevant event detail and summary information.

  • Evaluate firewall change requests and assess organizational risk.

  • Communicate alerts to agencies regarding intrusions and compromises to their network infrastructure, applications and operating systems.

  • Assist with implementation of counter-measures or mitigating controls.

  • Conduct regular audits to ensure that systems are being operated securely, and information systems security policies and procedures are being implemented as defined in security plans.

  • Develop, tests, and operates firewalls, intrusion detection systems, enterprise antivirus systems and software deployment tools.

  • Safeguard the network against unauthorized infiltration, modification, destruction or disclosure.

  • Research, evaluate, test, recommend, communicate and implement new security software or devices.

  • Conduct investigations of computer security violations and incidents, reporting as necessary to management.

  • Prepare incident reports of analysis methodology and results.

  • Ensure compliance with regulations and privacy laws.

  • Provide guidance and leadership to less-experienced team members.

  • Demonstrated innovative thinking and follow through

  • Demonstrated rapid response to customer requests

  • Experience in researching new/emerging technologies.

  • For a senior level position at least five (5) years of the experience must be in all phases of IA and accreditation process for Top Secret networks.  

  • Additionally, at least five (5) years of experience maintaining accreditation documentation.

Work Location: Some positions will be based at St. Inigoes, MD work site and some positions will be 100% Telework

This position requires being fully vaccinated against COVID-19 by December 8, 2021 or the start date, if after December 8.

We are GDIT. The people supporting some of the most complex government, defense, and intelligence projects across the country. We deliver. Bringing the expertise needed to understand and advance critical missions. We transform. Shifting the ways clients invest in, integrate, and innovate technology solutions. We ensure today is safe and tomorrow is smarter. We are there. On the ground, beside our clients, in the lab, and everywhere in between. Offering the technology transformations, strategy, and mission services needed to get the job done.

GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.