GDIT is looking for a Senior Engineer for a cybersecurity team which performs vulnerability analysis for a customer with a complex network featuring over 100,000 endpoints. The objectives of the team are to develop a risk picture for the enterprise and to provide tailored remediation strategies to stakeholders in order to improve the overall cybersecurity posture of the organization.
In this role, you will assist a small team in vulnerability management for stakeholders at all levels across the enterprise. This will include analysis of high-profile and high-impact vulnerabilities, zero-day threats, the creation and execution of mitigation strategies, and the liaising with various IT stakeholders to coordinate implementation of such strategies.· Leading enterprise efforts on risk assessment, detailed technical recommendations and coordination of remediation and mitigation strategies.· Preparing reports and conducting briefings for senior leadership related to routine and high profile vulnerability analysis.· Developing and perform high-speed discovery, configuration auditing, asset profiling, sensitive data discovery, policy compliance and vulnerability analysis of the overall enterprise security posture.· Communicating recommendations to the responsible parties, and engaging in both tracking and verification of their remediation efforts.· Continually analyzing available security information, including results of configuration compliance verification, vulnerability scans, database assessments, security and system patch information, threat reporting, OIG reporting, and other intelligence information to update and assess the status of an organization’s cyber security posture.
Have experience conducting security assessments of available configurations within Cloud systems, such as Google, Amazon Web Services, and Microsoft Azure.
Have experience conducting external scanning, or network reconnaissance, of an organizations Internet-facing IP space.
· Understanding the A&A process and the creation of Plans of Action and Milestones (POA&Ms) for system owners.· Experience with reviewing security audit logs or security configurations in an incident response-type role (CERT-related), or in penetration testing.· Interfacing with vendor support teams to keep abreast of developments within products currently in use.· Documenting team processes for use in internal Standard Operating Procedures (SOPs), and other on-the-shelf documentation of processes for future team reference.· Building working relationships to effectively complete the mission, while acknowledging and respecting stakeholder needs and requirements.· Both formulating new and adjusting existing information security metrics for the purpose of analysis and greater enterprise security posture awareness.· Consultation and support to other parties concerning Computer Network Defense (CND), often on an ad hoc basis, as necessary for the mission.
COVID-19 Vaccination Requirement: To protect the health and safety of its employees and to comply with customer requirements, GDIT may require employees in certain positions to be fully vaccinated against COVID-19. Vaccination requirements will depend on the status of the federal contractor mandate and customer site requirements.
We are GDIT. The people supporting some of the most complex government, defense, and intelligence projects across the country. We deliver. Bringing the expertise needed to understand and advance critical missions. We transform. Shifting the ways clients invest in, integrate, and innovate technology solutions. We ensure today is safe and tomorrow is smarter. We are there. On the ground, beside our clients, in the lab, and everywhere in between. Offering the technology transformations, strategy, and mission services needed to get the job done.
GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.