Cybersecurity Analyst (RMF) - Clearance Required

Clearance Level: Interim Secret
Category: Information Security
Location: Sterling, Virginia

REQ#: RQ90828

Travel Required: Less than 10%
Requisition Type: Regular

We are GDIT. We support and secure some of the most complex government, defense, and intelligence projects across the country. At GDIT, cyber security is not just a singular part of our mission—it connects every one of us because it’s embedded into every aspect of what we do. 

GDIT is your place. You make it your own by bringing your ideas and unique perspective to our culture. By owning your opportunity at GDIT, you are helping us ensure today is safe and tomorrow is smarter. Our work depends on a Cybersecurity Analyst joining our team to support Department of State activities at Sterling, VA.

At GDIT, people are our differentiator. As a Cybersecurity Analyst supporting Department of State (DoS) Commercial Solutions for Classified (CSfC) deployment, you will be trusted to work on innovative and future cyber solutions. You will provide application and tool development support for a large enterprise, and you will be responsible for designing, engineering, developing, testing, and deploying applications and tools in virtualized environments that host web servers, database servers, domain controllers, etc., on premises and in the cloud.

In this role, you will apply your understanding of computer security and Department of State (DoS) Information Assurance (IA) policies in the execution of all aspects of the systems and their Cybersecurity posture. This position is responsible for execution of the Risk Management Framework (RMF) and for the implementation of Cybersecurity and IA boundary defense techniques and various IA-enabled network technologies and appliances to facilitate certification and security engineering tasks in support of the customer.

You will partner with Security Analysts and Enterprise Architects to establish, understand, and adhere to technical and IT security standards. You will be involved in all aspects of the technology life-cycle to ensure that non-functional and functional requirements are adhered to in design and build, so that solutions are stable, secure, resilient, and perform well. This position will work under general supervision to provide Cybersecurity engineering documentation services to build secure technical documentation for applications, systems, architectures, and infrastructure that are operationally viable and efficient.

Providing mid-level Assessment and Authorization support, you will lead the manual and application-based STIG evaluations for the network enterprise. This position will be responsible for planning, developing, and executing automated and manual tests to validate security posture/controls. A typical day in this position will include:

  • Author IA Assessment and Authorization (A&A) artifacts
  • Document a system from an IA perspective
  • Derive, document and/or identify system CONOPS
  • Research, recommend and document logical and physical solutions that prevent, detect, and correct the system to be certified and accredited
  • Research and apply DISA Security Technical Implementation Guides (STIGs) and NSA recommendations
  • Identify disagreements between as-built specifications, security requirements, and DoS security policies, and design implementations to bring the system into compliance
  • Plan, develop, execute, and document results of security test procedures
  • Prepare and execute an Information Assurance Vulnerability Management (IAVM) Plan
  • Prepare and produce a System Security Plan (SSP) and Plan Of Action and Milestones (POA&M)
  • Provide technical support effort in identifying and specifying requirements and performing risk assessments
  • Develop Standard Operating Procedures (SOP)
  • Ensure IT solutions meet requirements for security, availability, capacity, resiliency, and performance in a way that is efficient and supportable, reducing overall support costs
  • Understand industry-leading solutions and trends for assigned technologies and apply those as appropriate
  • Understand business needs and partner with appropriate IT counterparts to recommend technology solutions
  • Establish and maintain an IT multi-year strategy with a focus on continuous improvement. Create and maintain solutions architecture artifacts and other strategy and system documentation
  • Use tools such as Host Based Security System (HBSS), Assured Compliance Assessment Solution (ACAS), Exacta, Cisco Prime and Cisco Adaptive Security Appliance
  • Assist the government with input, instructions, and guidance as needed for the creation of adequate package documentation and artifacts
  • Develop and present briefings to technical and senior management audiences and communicate assessment results, risk analyses, mitigation strategies, and forward plans

WHAT YOU’LL NEED: 

  • Degree in a Computer Science, Engineering or Information Technology related field is desired but not required. Bachelor's degree in Information Technology/Systems or experience. Master's degree preferred
  • 1+ years of experience in information technology PREFERRED
  • Demonstrate proven experience (with tangible outcomes and results), a can-do attitude, an ability to influence internal and external customers, and a leadership and communication style required to lead a diverse and dispersed team
  • Embrace and embody GDIT’s values of Commitment, Impact, Integrity, Imagination, and Agility
  • Active Interim Secret Security clearance with ability to obtain TS/SCI
  • Experience with performing both manual AND tool-performed STIGs
  • Experience with computer networking and telecommunication architecture, the OSI model, and communications protocols
  • Experience in collaborating with multiple technical teams, including technical subject matter experts, hardware and software designers, operations personnel, and test engineers, to drive requirement-driven solutions and communicate potential security risks and mitigations
  • Experience in organizing and coordinating deployments of complex systems
  • Experience with OS Tier 2 Support in heterogeneous operating system environments (Linux, Windows)
  • A working knowledge of deployment methodologies and tooling
  • Experience using Microsoft Office including MS Visio, MS Word, MS Excel and other appropriate tools.
  • Experience with Authorization & Accreditation including familiarity with Risk Management Framework (RMF) and the process to obtain an Authority to Operate (ATO)
  • Strong English communication skills with ability to communicate clearly and succinctly in written and oral presentations

Desired Skills:

  • Security Clearance of TS/SCI.
  • Knowledge of multiple solutions architectures: Cisco, Oracle, Juniper, Windows, and VMware
  • Cybersecurity or Computing environment certification – Any of the DOD 8570, Microsoft, Cisco, Juniper, etc.
  • 1-year lead experience in information technology, preferred
  • Experience in coordination of:
    • Management Networks
    • Mobile Solutions (Smart Phones and Tablets)
    • Commercial Solutions for Classified (CSfC) Mobility Access (MA) and Multi-site Connectivity (MSC) Capability Packages (CP)
    • Production Monitoring Environments
  • Conducting internal security reviews/audits of responsible government systems

We are GDIT. The people supporting some of the most complex government, defense, and intelligence projects across the country. We deliver. Bringing the expertise needed to understand and advance critical missions. We transform. Shifting the ways clients invest in, integrate, and innovate technology solutions. We ensure today is safe and tomorrow is smarter. We are there. On the ground, beside our clients, in the lab, and everywhere in between. Offering the technology transformations, strategy, and mission services needed to get the job done.

GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.