Plans, prepares, and executes tests of systems to evaluate results against specifications and requirements as well as analyze/report test results.
Performs assessments of systems and networks within the network environment or enclave and identifies where those systems/networks deviate from acceptable configurations, enclave policy, or local policy. Measures effectiveness of defense-in-depth architecture against known vulnerabilities.
Deeply involved in the establishment of strict program control processes to ensure mitigation of risks and supports obtaining certification and accreditation of systems.
Assists in the implementation of the required government policy (i.e., NISPOM, DCID 6/3), and may make recommendations on process tailoring.
Deeply involved in the performance of analyses to validate established security requirements and to recommend additional security requirements and safeguards.
Supports the formal Security Test and Evaluation (ST&E) required by each government accrediting authority through pre-test preparations, participation in the tests, analysis of the results, and preparation of required reports.
Periodically conducts of a review of each systems audits and monitors corrective actions until all actions are closed.
DESIRED QUALIFICATIONS: BA/BS (or equivalent experience), 2+ years of experience
Experience with SCAP Compliance Checker (SCC) and DISA STIGs.
Demonstrable understanding of system hardening processes, tools, guidelines, and benchmarks
Experience with Secure Configuration/Hardening of DoD Information Systems.
Experience with installing, operating, and optimizing SIEM (Splunk).
Experience with configuration, operation, and monitoring using AWS GuardDuty and/or Azure Security.
Experience with installing, integrating, and optimizing security components and tools.
Knowledge of cybersecurity principles and organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
Strong understanding of enterprise, network, system, and application level security engineering principles.
Demonstrable, hands-on expertise with patching and security remediations for Windows and Linux operating systems.
The likely salary range for this position is $68,000 - $102,000. This is not, however, a guarantee of compensation or salary; rather, salary will be set based on experience, geographic location and possibly contractual requirements and could fall outside of this range.
We are GDIT. The people supporting some of the most complex government, defense, and intelligence projects across the country. We deliver. Bringing the expertise needed to understand and advance critical missions. We transform. Shifting the ways clients invest in, integrate, and innovate technology solutions. We ensure today is safe and tomorrow is smarter. We are there. On the ground, beside our clients, in the lab, and everywhere in between. Offering the technology transformations, strategy, and mission services needed to get the job done.
GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.