Information Security Analyst

GDIT has a need for an experienced Information Security Analyst to support U.S. Army Europe as part of our EMITS Program Team in Poznan, Poland (unaccompanied).

The Information Assurance Analyst will be responsible for perform information assurance support and assist in the development of the customer’s accreditation packages through RMF across multiple networks and systems. The Analyst will be tasked with the performing scanning and remediation in coordination with the service providers, technical and engineering leads, and IA personnel.

The Information Assurance Analyst will be responsible for developing the ATO packages, complete submissions for software, update APMS records with system engineering cost estimates and other required data, and coordinate with DPTMS to task out data requirements as required.

HOW AN INFORMATION SECURITY ANALYST WILL MAKE AN IMPACT

• Provide maintenance and tracking of existing packages as well as the development of new packages as required for support of existing and emerging requirements.

• Work with security engineering team to integrate new capabilities, plan lifecycle replacements, and provide input into the security architecture roadmaps.

• Create programmatic documentation, standard operating procedures and granular process checklists.

• Set up administrator and service accounts.

• Maintain system documentation and make recommendations for hardware and software, coordinate installation, and provide backup recovery.

• Develop and monitor policies and standards for allocation related to the use of computing resources.

• Develop and implement testing strategies and document results.

• Identify ports, protocols, and services used, network data requirements, data flow diagrams and/or descriptions, hosting environment for the application, web application encryption methods, documentation of applicable Security Technical Implementation Guide (STIG) implementations, and if the system stores or processes Personally Identifiable Information (PII).

• Implement and provide documentation for applicable STIGs. Assist with identifying mitigations to non-compliant CCIs or STIG items.

• Implement protections as identified by the Information Assurance Vulnerability Management (IAVM) program provided by DISA. Identify mitigations to non-compliant IAVM items.

• Ensure findings of Assured Compliance Assessment Solution (ACAS) and Security Content Automation Protocol (SCAP) scans are remediated or mitigations are identified that reduce the risk of an exploit to an acceptable level.

• Implement all cryptographic routines such that they are compatible with FIPS 140-2 requirements.

WHAT YOU WILL NEED TO SUCCEED

• Security Clearance Required: Secret Security Clearance

• Education: Bachelors Degree (additional 4 years experience can be substituted for degree requirement)

• Experience: 8-10 years of related experience in Cybersecurity administration.

• Certification: CISSP (or associate) certification required. ITIL Foundation required within 90 days of hire.

• This position may occasionally require some physical activity; lifting objects; bending; crouching down (i.e. to troubleshoot equipment); and long periods of sitting.

WHAT GDIT CAN OFFER YOU:

• 401K with company match

• Comprehensive health and wellness packages

• Internal mobility team dedicated to helping you own your career

• Professional growth opportunities including paid education and certifications

• Cutting-edge technology and the ability to make a real impact on the world around you.

#defenseOCONUS