Information Assurance/Security Specialist

Clearance Level
None
Category
Information Security
Location
Germantown, Maryland

REQ#: RQ103394

Travel Required: Less than 10%
Public Trust: Other
Requisition Type: Regular

GDIT is seeking a Cyber Security Analyst to join our team supporting the U.S. Department of Energy’s (DOE) Office of the Chief Financial Officer (OCFO), Office of Corporate Information Systems to provide Operations and Maintenance (O&M) Support Services of their Corporate Business Systems (CBSOM).

As a Cyber Security Analyst, you will provide cyber security and vulnerability management support for a suite of DOE business applications. You will support DOE’s Corporate Business Systems, used by over 14,000 users to fulfill the agency’s mission to promote energy independence, progress scientific research, and protect the nation through nuclear security.   You will be part of a 60+ person team supporting DOE on multiple task orders under our Blanket Purchase Agreement (BPA). Services on this single award BPA with a Period of Performance through early 2028 will be performed at the DOE office located at 20300 Century Boulevard, Germantown, MD, 20874. (Currently remote due to COVID-19).   For more information about the Department of Energy’s Office of Corporate Business Systems mission and functions, go to https://www.energy.gov/cfo/services/corporate-information-systems.   

 

Duties and responsibilities will include, but are not limited to:  

  • Gathers and organizes technical information about an organization’s mission goals and needs, IT infrastructure and existing security/IA products.   

  • Assists with the application of security/IA policies, procedures and standards.   

  • Responsibilities include working with the customer to minimize risks and assess and secure networks 

  • Performs all procedures necessary to ensure the safety of the organization’s Website and transactions across the Internet.  

  • Ensures that the user community understands and adheres to necessary procedures to maintain security. Works under limited supervision 

  • Interprets technical information about an organization’s mission goals and needs, IT infrastructure and existing security/IA products.   

  • Assists in applying organizational security/IA policies, procedures and standards.   

  • Collaborate with the customer to minimize risks and assess and secure networks. 

  • Work with Risk Management Framework (RMF), STIGs, and IA Controls to apply and evaluate the security of DOE business applications 

  • Identify data patterns, provide metrics, diagnose problems and provide intelligence for business operations by using tools such as SPLUNK, DBProtect, and Burp-Suite 

  • Leverage Security Information and Event Management (SIEM) systems and ITIL methodology and processes in the delivery of cyber-security services. 

  • Execute and interpret vulnerability scans, and collaborate with system owners to address vulnerabilities 

  • Collaborate with database and application teams to manage and support Plans of Actions and Milestones (POAM) remediation 

  • Apply diagnostic techniques to identify problems, investigate causes, and recommend solutions. 

  • Document all user requests and actions taken in ServiceNow ticketing system 

  • Maintain current knowledge of relevant technology as assigned 

  

Minimum Requirements:  

  • Bachelor’s degree in Computer Science, Information Systems, Software Engineering, Business, or other related discipline with 3+ years of increasingly responsible and relevant experience in defining security requirements.  Without a degree at least 5 years of relevant experience is required.  

  • 3+ years of hands-on cybersecurity experience, including architecture and penetration testing, firewalls, encryption, security monitoring, event and anomaly analysis and intrusion detection/prevention. 

  • 2+ years of hands-on experience with Burp suite, Nessus, or Tenable vulnerability scans 

  • 2+ years of hands-on experience with Trustwave DB Protect  

  • Understanding of common hacking techniques (e.g., malware, etc.) and effective counter measures. 

  • Experience in Microsoft and Linux including Red Hat web server platforms 

  • Experience with Oracle and Microsoft SQL Server databases and their security configurations 

  • Good team player, able to manage multiple assignments, and adapt to changing client needs 

  • Must be able to obtain and maintain a DOE Clearance and successfully pass a thorough Government background screening process requiring the completion of detailed forms and fingerprinting 

  • US Citizenship 

 

Desired Qualifications:  

  • ITIL v3 or v4 certification 

  • Experience with ServiceNow for incident management, problem management, and service request management 

  • Experience with Anti-Virus, Intrusion Detection/Protection Systems, Firewalls, Active Directory, Vulnerability Assessment tools and other security tools found in large network environments. 

  • Cybersecurity certifications (e.g. CISSP, CISA, CISM, CCSP, GCIH, GCIA, GSEC, OSCP, CHFI, CEH) 

  • Previous Department of Energy experience. 

 

WHAT GDIT CAN OFFER YOU: 

  • Full-flex work week 

  • 401K with company match 

  • Internal mobility team dedicated to helping you own your career 

  • Collaborative teams of highly motivated critical thinkers and innovators 

  • Ability to make a real impact on the world around you 

 

Not sure this job’s the one for you? Check out our other openings at gdit.com/careers.  
 
Do you have a friend or colleague this posting describes? Let them know about the opportunity by clicking “Share.” 

This position requires being fully vaccinated against COVID-19 by January 18, 2022 or the start date, if after January 18. Individuals who work in or reside in Texas or Montana or work outside of the United States may be excluded from this requirement.

We are GDIT. The people supporting some of the most complex government, defense, and intelligence projects across the country. We deliver. Bringing the expertise needed to understand and advance critical missions. We transform. Shifting the ways clients invest in, integrate, and innovate technology solutions. We ensure today is safe and tomorrow is smarter. We are there. On the ground, beside our clients, in the lab, and everywhere in between. Offering the technology transformations, strategy, and mission services needed to get the job done.

GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.