The Information Security Analyst is responsible for the planning, design, and implementation of technology and procedures designed to maintain the confidentiality, availability, and integrity of the information resources, computer, and networking systems. They provide recommendations to information system owners to ensure information systems are maintained in a state of compliance with established privacy, electronic communications, information protection, and records management policies. This individual must have strong knowledge of information protection and data privacy laws and considerations. Strong understanding of the Joint Special Access Program (SAP) Implementation Guide (JSIG), and Intelligence Community Directive (ICD) requirements.
Performs security analysis of operational and development environments, threats, vulnerabilities, and internal interfaces to define and assess compliance with accepted industry and government standards
Ensures the rigorous application of cybersecurity policies, principles, and practices in the delivery of all Information Technology (IT) and cybersecurity services
Uses the Risk Managed Framework (RMF) to contribute to the Authorization and Assessment (A&A) process for new and existing information systems, to include facilitating Memorandums of Understanding (MOU), Interconnection Security Agreements (ISA), Risk Acceptance Letters (RAL) and Continuous Monitoring (CONMON)
Reviews various operating systems such as Windows and Linux for compliance with governing requirements
Assess and document test or analysis data to show compliance with security requirements
Direct, conduct and mitigate risk assessments and investigations; and oversee activities of incident response.
Performs assessment of present levels of cyber security and possesses knowledge of proper cyber security practices
Plans and schedules the installation of new or modified security hardware, operating systems, and software applications
Ensures the assessment and implementation of identified computer and network environment fixes such as system patches and fixes associated with specific technical vulnerabilities as part of the Cybersecurity Vulnerability Management program
Guides the implementation of appropriate operational structures and processes to ensure an effective cybersecurity program, including boundary defense, incident detection, and response
Provide onsite incident response
In-depth knowledge of continuous monitoring tools
8+ years of Information Security or Cybersecurity experience
BA/BS in Information Security/Cybersecurity or related field, or the equivalent combination of education, technical training, or work/military experience.
DoD 8570.01 certification required – Security+, or higher
IAT Level II certification required- GSEC/CySA/CASP+ CE
IAT Level III certification preferred – CISSP
Must have fully adjudicated Top Secret-SCI security clearance
CI/Polygraph may be required after hire
About Our Work
We are GDIT. The people supporting some of the most complex government, defense, and intelligence projects across the country. We deliver. Bringing the expertise needed to understand and advance critical missions. We transform. Shifting the ways clients invest in, integrate, and innovate technology solutions. We ensure today is safe and tomorrow is smarter. We are there. On the ground, beside our clients, in the lab, and everywhere in between. Offering the technology transformations, strategy, and mission services needed to get the job done.
GDIT does not have a vaccination mandate applicable to all employees. To protect the health and safety of its employees and to comply with customer requirements, however, GDIT may require employees in certain positions to be fully vaccinated against COVID-19. Vaccination requirements will depend on the status of the federal contractor mandate and customer site requirements.
GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.