IT Security Analyst - Operations (TS)

Clearance Level
Top Secret
Category
Cyber Security
Location
Arlington, Virginia

REQ#: RQ135713

Travel Required: None
Requisition Type: Regular

Seize your opportunity to make a personal impact as an IT Security Analyst (Operations) supporting The United States Postal Service (USPS) Office of Inspector General (OIG). GDIT is your place to make meaningful contributions to challenging projects and grow a rewarding career.

At GDIT, people are our differentiator. You will help ensure today is safe and tomorrow is smarter. You will have a primary focus working as a team member of the IT Security Office. This team is responsible for OIG information security policies, procedures, and services to protect the confidentiality, integrity, and availability of the information within the information technology infrastructure. The OIG’s information resources are sensitive assets and are critical in the performance of its mission; therefore, information security services help safeguard the information resources entrusted to the OIG.

HOW AN IT SECURITY ANALYST (OPERATIONS) WILL MAKE AN IMPACT

  • Implements and interprets the requirements for agency compliance with policy directives governing IT infrastructure protection
  • Executes USPSOIG security policy and compliance management program
    • Identifies current and potential IT security risks and recommends mitigation strategies
    • Monitors agency compliance with infrastructure protection requirements across IT programs
    • Participates in the development of security policies
    • Participates in the certification and accreditation of OIG systems
  • Executes security related operational activities
    • Manages security incident detection, response, remediation
    • Conducts cyber threat and vulnerability analysis and remediation
    • Configures and monitors security using Microsoft enterprise solutions (windows 7, Active Directory 2008, Group Policy management); assessing and remediating Microsoft enterprise vulnerabilities
    • Develops security metrics and manages reporting and compliance
    • Serves as CIRT/CERT member
    • Supports operational implementation of FISMA/NIST standards
    • Conducts Computer Security Forensics
    • Operates Security Tools, monitoring, response, and reporting including IPS/IDS, Firewall, Advanced Malware Protection, Security Incident and Even Management, Vulnerability Identification and Analysis, security logging, Anti-malware,2 factor authentication, password protection and secure document sharing and collaboration solutions (CISCO IPS/IDS/Firewall, FireEye, McAfee NITRO SIEM, RAPID 7 and Nessus scanners, RedSeal Vulnerability management and analysis, Sophos anti-malware, LastPass password management, WatchDox secure file sharing & Collaboration)
    • Manages IT Security awareness training program in cooperation with Learning Management team including developing and delivering IT Security awareness training modules
    • Manages Password Management system in coordination with Service Desk
    • Responds to IT Security trouble tickets generated by customers and IT staff. Identifies solutions, works with customer and OCIO team to execute solutions and manages ticket input, update and resolution in OCIO ticketing system to maintain service level agreements
  • Supports Security Engineering and tech solution support and expertise
    • Participates in the certification and accreditation of OIG systems
    • Identifies security risks and recommends risk mitigation strategies
    • Reviews new and existing systems to address technical solutions to provide enhanced
    • security and ensure baseline security requirements are met
    • Develops security architecture, technical solutions for security products, and integrates
    • Collaborates with members of CIO and Business units to develop security architecture and solutions for IT and business systems
    • Develops and executes project plan to engineer, construct, deploy and monitor/manage IT Security infrastructure solutions
    • Evaluates security requirements associated with cloud-hosted environments and services and Evaluates security requirements associated with mobile applications

WHAT YOU’LL NEED TO SUCCEED:

  • Education:
    • BA/BS in Information Assurance, Information Systems, Computer Science, or related field

  • Required Experience:
    • 7+ years of specialized IT experience with at least 5 years in IT operations
    • Knowledge of information security principles, concepts, practices, systems software, database software, and immediate access storage technology to carry out activities relating to security certification and accreditation
    • Knowledge & Skill in implementing FISMA, NIST, OMB guidelines, and other Federal regulations and guidance
    • Experience interpreting and implementing FISMA/NISG requirements focused on the operational implementation and documentation of those requirements
    • Knowledge of security requirements associated with cloud-hosted environments and services and mobile application development and deployment

  • Required Technical Skills:
    • GIAC, CISSP certification(s) (or equivalent); CISCO/Microsoft Security Certification; DHS Security Certification

  • Desired Experience:
    • ITIL v3 Foundation certification

  • Security Clearance Level:
    • Top Secret Security Clearance (or ability to obtain TS clearance) (for security Operations and engineering work).
    • The security clearance for this program requires the selected candidate to have resided in the US for the past five years. The selected candidate cannot have left the country for longer than 90 consecutive days and no more than 180 cumulative days.

  • Required Skills and Abilities:
    • Skill and Ability in executing Security Operations including incident detection, identification, management, response, and reporting (must have experience in incident management)
    • Skill in making recommendations that significantly influence OIG’s information security policies or programs
    • Experience building policies and preparing briefings to explain security programs and requirements to senior executives
    • Skill and Ability to provide expert technical advice, guidance, and recommendations to management and other technical specialists on critical information technology security issues
    • Skill and Ability to assess risk factors and advise on vulnerability to attack from a variety of sources and procedures for protection of systems and applications
    • Ability to ensure coordination and/or collaboration on security activities
    • Ability to effectively communicate both orally and in writing with management and other technical specialists
    • Ability to plan, organize and manage tasks on time with minimal supervision

  • Location:
    • Hybrid Remote
    • Needs to be within 2 hours of primary location in Arlington, VA for an as needed basis

WHAT GDIT CAN OFFER YOU: 

  • Full-flex work week to own your priorities at work and at home (with prior manager approval)
  • 401K with company match 
  • Internal mobility team dedicated to helping you own your career 
  • Professional growth opportunities including paid education and certifications
  • Cutting-edge technology you can learn from 
  • Rest and recharge with paid vacation and holidays

 #GDITCareers #CISSP #GIAC


About Our Work

We are GDIT. The people supporting some of the most complex government, defense, and intelligence projects across the country. We deliver. Bringing the expertise needed to understand and advance critical missions. We transform. Shifting the ways clients invest in, integrate, and innovate technology solutions. We ensure today is safe and tomorrow is smarter. We are there. On the ground, beside our clients, in the lab, and everywhere in between. Offering the technology transformations, strategy, and mission services needed to get the job done.

COVID-19 Vaccination

GDIT does not have a vaccination mandate applicable to all employees. To protect the health and safety of its employees and to comply with customer requirements, however, GDIT may require employees in certain positions to be fully vaccinated against COVID-19. Vaccination requirements will depend on the status of the federal contractor mandate and customer site requirements.

GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.