GDIT is looking for an IT Security Systems & Operations Analyst to join our team.
The IT Security Office is responsible for OIG information security policies, procedures, and services to protect the confidentiality, integrity, and availability of the information within the information technology infrastructure. The OIG’s information resources are sensitive assets and are critical in the performance of its mission; therefore, information security services help safeguard the information resources entrusted to the OIG.
Section I: Position Description
Implements and interprets the requirements for agency compliance with policy directives governing IT infrastructure protection
Manages and Administers Security Systems
Administers Security Tools including IPS/IDS, Firewall, Advanced Malware Protection, Security Incident and Event Management, Vulnerability Identification and Analysis, security logging, Anti-malware, 2-factor authentication, password protection and secure document sharing and collaboration solutions. (Cisco IPS/IDS/Firewall, FireEye, McAfee NITRO SIEM, Rapid7 and Nessus scanners, Splunk, RedSeal Vulnerability management and analysis, Sophos anti-malware, LastPass password management, WatchDox secure file sharing & Collaboration)
Responsible for primary or alternate management of all IT Security systems including patch management, upgrades, integration engineering, and reporting.
Executes USPSOIG security policy and compliance management program
Identifies current and potential IT security risks and recommends mitigation strategies
Monitors agency compliance with infrastructure protection requirements across IT programs
Participates in the development of security policies
Participates in the certification and accreditation of OIG systems
Conducts cyber threat and vulnerability analysis and remediation
Configures and monitors security using Microsoft enterprise solutions (Windows 7, Active Directory 2008, Group Policy management); assesses and remediates Microsoft enterprise vulnerabilities
Develops security metrics and manages reporting and compliance
Serves as CIRT/CERT member
Supports operational implementation of FISMA/NIST standards
Conducts Computer Security Forensics
Operates Security Tools, monitoring, response, and reporting including IPS/IDS, Firewall, Advanced Malware Protection, Security Incident and Event Management, Vulnerability Identification and Analysis, security logging, Anti-malware, 2-factor authentication, password protection and secure document sharing and collaboration solutions. (Cisco IPS/IDS/Firewall, FireEye, McAfee NITRO SIEM, Rapid7 and Nessus scanners, RedSeal Vulnerability management and analysis, Sophos anti-malware, LastPass password management, WatchDox secure file sharing & Collaboration)
Manages IT Security awareness training program in cooperation with Learning Management team including developing and delivering IT Security awareness training modules.
Manages Password Management system in coordination with Service Desk
Responds to IT Security trouble tickets generated by customers and IT staff. Identifies solutions, works with customer and OCIO team to execute solutions and manages ticket input, update and resolution in OCIO ticketing system to maintain service level agreements.
Supports Security Engineering and tech solution support and expertise
Participates in the certification and accreditation of OIG systems
Identifies security risks and recommends risk mitigation strategies
Reviews new and existing systems to address technical solutions to provide enhanced security and ensure baseline security requirements are met
Develops security architecture, technical solutions for security products, and integrates
Collaborates with members of CIO and Business units to develop security architecture and solutions for IT and business systems
Develops and executes project plan to engineer, construct, deploy and monitor/manage IT Security infrastructure solutions.
Understanding of security requirements associated with cloud-hosted environments and services
Evaluates security requirements associated with cloud-hosted environments and services and
Evaluates security requirements associated with mobile applications
Section II: Position Requirements
Skill & Ability to administer and manage Windows and Linux-based systems running security systems applications.
Knowledge of information security principles, concepts, practices, systems software, database software, and immediate access storage technology to carry out activities relating to security certification and accreditation
Knowledge & Skill in implementing FISMA, NIST, OMB guidelines, and other Federal regulations and guidance. Experience interpreting and implementing FISMA/NIST requirements focused on the operational implementation and documentation of those requirements
Skill and Ability in executing Security Operations including incident detection, identification, management, response, and reporting. Must have experience in incident management
Skill in making recommendations that significantly influence OIG’s information security policies or programs. Experience building policies and preparing briefings to explain security programs and requirements to senior executives.
Skill & Ability to provide expert technical advice, guidance, and recommendations to management and other technical specialists on critical information technology security issues
Skill & Ability to assess risk factors and advise on vulnerability to attack from a variety of sources and procedures for protection of systems and applications
Knowledge of security requirements for cloud-hosted environments and services and mobile application development and deployment
Ability to ensure coordination and/or collaboration on security activities
Ability to effectively communicate both orally and in writing with management and other technical specialists
Ability to plan, organize and manage tasks on time with minimal supervision
Degree in Information Assurance, Information Systems, Computer Science, or related field
MS Windows Server 2008/2012 and Linux operating system certification (desired)
ITIL v3 Foundation certification (desired)
Top Secret Security Clearance (or ability to obtain TS clearance) (for Security Operations and engineering work)
Section III: Experience
Candidate will possess at least 7 years of specialized IT experience with at least 5 years in IT operations.
This program only accepts US citizens and/or Green Card Holders. The security clearance for this program requires the selected candidate to have resided in the US for the past five years. The selected candidate cannot have left the country for longer than 90 consecutive days and no more than 180 cumulative days.
We are GDIT. The people supporting some of the most complex government, defense, and intelligence projects across the country. We deliver. Bringing the expertise needed to understand and advance critical missions. We transform. Shifting the ways clients invest in, integrate, and innovate technology solutions. We ensure today is safe and tomorrow is smarter. We are there. On the ground, beside our clients, in the lab, and everywhere in between. Offering the technology transformations, strategy, and mission services needed to get the job done.
GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.