Are you an experienced cybersecurity professional who wants to make a difference? Are you driven to ensure information systems are resilient in terms of both security and operations? Do you want to change how customers manage risk tactically, operationally, and strategically? Then we have an opportunity for you.
GDIT is a leading cybersecurity solutions provider to the federal government. We have an immediate need for a Commercial Solutions for Classified Systems (CSfC) Cybersecurity Analyst Advisor to support our Department of State customer. This position will drive a team of cybersecurity analysts, in collaboration with cyber architects and engineers, focused on ensuring we meet our customer’s security services and technology needs.
The Cybersecurity Analyst Advisor will provide technical expertise for evaluating a wide array of current and new technologies. Technologies include all approved NSA packages and evaluated products at a minimum. The Cybersecurity Analyst is responsible for drafting recommendations for secure implementation, in accordance with security configuration standards and industry best practices. The analyst will be responsible for reviewing enterprise change requests to ensure their compliance with DOS Departmental policy, technical security countermeasures, and industry best practices. The analyst will actively participate in several change review and control boards, providing verbal and written recommendations.
This position requires a senior technical background in cybersecurity solutions, in particular the configuration, design, and implementation of NSA’s Commercial Solutions for Classified (CSfC). CSfC will be the basis for this new architecture, and knowledge of this system and technology is essential.
Serve as technical team lead or task leader of approximately 5 analysts.
Provide analysis, coordination, and technical documentation of security controls related to the ongoing Assessment and Authorization (A&A) activities of an NSA Commercial Solutions for Classified (CSfC) deployment.
Establish ongoing continuous monitoring and compliance with the NIST Risk Management Framework (RMF).
Responsible for documenting security controls, both implemented and planned.
Responsible for driving to a successful Client ATO and all required NSA CSfC Capability Package approvals.
Responsible for collecting, processing, and maintaining artifacts that demonstrate continuous compliance with established policies and procedures (e.g., contingency plan training and test results).
Actively drive and participate in ongoing system change reviews, providing verbal and written recommendations.
Bachelor’s Degree or higher and minimum of 10 years of experience analyzing technologies (e.g., Mobile platforms, Cloud Services, Identity and Access Management) for relevant cybersecurity vulnerabilities and developing mitigation strategies
5-7 years of active involvement in FISMA implementation to include the NIST Risk Management Framework (RMF), C&A/A&A, cybersecurity reviews and assessments
3-5 years of experience in enterprise change management processes (e.g., ITIL, change request documentation, NIST SP 800-37 based Security Impact Analysis)
Proven capability to lead A&A teams on complex deployments.
Demonstrated experience in delivering NSA CSfC ATO and Capability Package approvals
Clear and concise oral and written communication; capability to interface at multiple levels of client, mission partners and GDIT to successfully present technical information
Experience working within the parameters detailed via DISA STIGs.
Capacity to track, guide, and when necessary mentor multiple teams simultaneously.
Strict attention to detail; Adherence to rigid guidelines and processes; Ability to validate, update and maintain accurate records.
Ability to work in a virtual team environment as well as independently.
Minimum of active interim Secret clearance and ability to obtain up to a TS/SCI.
Master’s Degree or equivalent years of experience in cybersecurity
2-3 years’ hands-on experience with system engineering, analysis, or administration of an enterprise level (10,000+ nodes) network infrastructure, to include routers, switches, servers, and firewalls (e.g., Cisco routers and switches, Windows servers, McAfee, Cisco, or Juniper firewalls)
Solid understanding of firewall rule structure, network protocols, and associated vulnerabilities
Solid understanding of Active Directory and Windows Servers on an enterprise level
2-3 years of hands-on experience configuring and/or administering enterprise mobile device deployment
2-3 years of experience working with server/application virtualization on an enterprise level
1-3 years of experience configuring/administering wireless networks
1-3 years of experience configuring and/or administering VOIP
U.S. Department of State experience
Certified Authorization Professional (CAP)
Certified Cloud Security Professional (CCSP)
Certified Information Systems Security Professional (CISSP), Systems Security Certified Practitioner (SSCP), or equivalent certification
Certificate of Cloud Security Knowledge (CCSK) or equivalent certification
We are GDIT. The people supporting some of the most complex government, defense, and intelligence projects across the country. We deliver. Bringing the expertise needed to understand and advance critical missions. We transform. Shifting the ways clients invest in, integrate, and innovate technology solutions. We ensure today is safe and tomorrow is smarter. We are there. On the ground, beside our clients, in the lab, and everywhere in between. Offering the technology transformations, strategy, and mission services needed to get the job done.
GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.