We are GDIT. We support and secure some of the most complex government, defense, and intelligence projects across the country. At GDIT, cyber security is not just a singular part of our mission—it connects every one of us because it’s embedded into every aspect of what we do.
GDIT is your place. You make it your own by bringing your ideas and unique perspective to our culture. By owning your opportunity at GDIT, you are helping us ensure today is safe and tomorrow is smarter. Our work depends on a Cybersecurity Analyst joining our team to support Department of State activities at Sterling, VA.
At GDIT, people are our differentiator. As a Cybersecurity Analyst supporting Department of State (DoS) Commercial Solutions for Classified (CSfC) deployment, you will be trusted to work on cyber innovative and future solutions. The candidate will provide applications and tools development support for large enterprise. Candidate will be responsible for design, engineering, developing, testing, deploying applications and tools in virtualized environments that host web servers, database servers, domain controllers etc., on premise and in the cloud.
In this role, you will apply your understanding of computer security and Department of State Information Assurance (DoS) (IA) policies, in the execution of all aspects of the systems and their Cybersecurity posture. This position is responsible for execution of the Risk Management Framework (RMF), and the implementation of Cybersecurity and IA boundary defense techniques, various IA-enabled network technologies and appliances to facilitate certification and security engineering tasks in support of the customer.
You will partner with Security Analysts and Enterprise Architects to establish, understand, and adhere to technical and IT security standards. Involved in all aspects of the technology life-cycle to ensure that non-functional and functional requirements are adhered to in design and build so solutions are stable, secure, resilient, and perform well. This position will work under general supervision to provide Cybersecurity engineering documentation services to build secure technical documentation for applications, systems, architectures, and infrastructure that are operationally viable and efficient.
Providing mid-level Assessment and Authorization support, you will lead the manual and application-based STIG evaluations for the network enterprise. This position will be responsible to plan, develop, and execute automated and manual tests to validate security posture/controls. A typical day in this position will include:
Author IA Assessment and Authorization (A&A) artifacts
Document a system from an IA perspective
Derive, document and/or identify system CONOPS
Research, recommend and document logical and physical solutions that prevent, detect, and correct the system to be certified and accredited
Research and apply DISA Security Technical Implementation Guides (STIGs) and NSA recommendations
Identify disagreements between as built specifications, security requirements and DoS security policies and design implementations to bring the system into compliance.
Plan, develop, execute, and document results of security test procedures
Prepare and execute an Information Assurance Vulnerability Management (IAVM) Plan
Prepare and produce a System Security Plan (SSP) and Plan Of Action and Milestones (POA&M)
Provide technical support effort in identifying and specifying requirements and performing risk assessments
Develop Standard Operating Procedures (SOP)
Ensure IT solutions meet requirements for security, availability, capacity, resiliency, and performance in a way that is efficient and supportable, reducing overall support costs
Understand industry leading solutions and trends for assigned technologies and applying those as appropriate
Understand business needs and partnering with appropriate IT counterparts to recommend technology solutions
Establish and maintain an IT multi-year strategy with a focus on continuous improvement. Create and maintain solutions architecture artifacts and other strategy and system documentation
Use tools such as Host Based Security System (HBSS), Assured Compliance Assessment Solution (ACAS), Exacta, Cisco Prime and Cisco Adaptive Security Appliance
Assist the government with input, instructions, and guidance as needed for the creation of adequate package documentation and artifacts
Develop and present briefings to technical and senior management audiences and communicate assessment results, risk analyses, mitigation strategies, and forward plans
WHAT YOU’LL NEED:
Degree in a Computer Science, Engineering or Information Technology related field is desired but not required. Bachelors degree in Information Technology/Systems or experience. Masters degree preferred
1+ years of experience in information technology PREFERRED
Demonstrate proven experience (with tangible outcomes and results), a can-do attitude, an ability to influence internal and external customers, and a leadership and communication style required to lead a diverse and dispersed team
Embrace and embody GDIT’s of Commitment, Impact, Integrity, Imagination, and Agility
Active Interim Secret Security clearance with ability to obtain TS/SCI
Experience with performing both manual AND tool performed STIGs
Experience with computer networking and telecommunication architecture, the OSI model, and communications protocols
Experience in collaborating with multiple technical teams to drive solutions that requirement driven including technical subject matter experts, including hardware and software designers, operations personnel, and test engineers and communicate potential security risks and mitigations
Experience in organizing and coordinating deployments of complex systems
Experience with OS Tier 2 Support in heterogeneous operating system environments (Linux, Windows)
A working knowledge of deployment methodologies and tooling
Experience using Microsoft Office including MS Visio, MS Word, MS Excel and other appropriate tools.
Experience with Authorization & Accreditation including familiarity with Risk Management Framework (RMF) and the process to obtain an Authority to Operate (ATO)
Strong English communication skills with ability to communicate clearly and succinctly in written and oral presentations
Security Clearance of TS/SCI.
Knowledge of multiple solutions architectures: Cisco, Oracle, Juniper, Windows, and VMWare
Cybersecurity or Computing environment certification – Any of the DOD 8570, Microsoft, Cisco, Juniper, etc.
1-year lead experience in information technology, preferred
Experience in coordination of;
Mobile Solutions (Smart Phones and Tablets)
Commercial Solutions for Classified (CSfC) Mobility Access (MA) and Multi-site Connectivity (MSC) Capability Packages (CP)
Production Monitoring Environments
Conducting internal security reviews/audits of responsible government systems
We are GDIT. The people supporting some of the most complex government, defense, and intelligence projects across the country. We deliver. Bringing the expertise needed to understand and advance critical missions. We transform. Shifting the ways clients invest in, integrate, and innovate technology solutions. We ensure today is safe and tomorrow is smarter. We are there. On the ground, beside our clients, in the lab, and everywhere in between. Offering the technology transformations, strategy, and mission services needed to get the job done.
GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.