Cyber Security Analyst & Engineer (Secret Clearance Required)

Clearance Level
Interim Secret
Category
Cyber Security
Location
Rosslyn, Virginia

REQ#: RQ72288

Travel Required: None
Public Trust: None
Requisition Type: Regular

GDIT is looking for an information technology analyst for a cybersecurity team which performs vulnerability analysis for a customer with a complex network featuring over 100,000 endpoints. The objectives of the team are to assist the enterprise with vulnerability management and to provide tailored remediation strategies to stakeholders in order to improve the overall cybersecurity posture of the organization.

In this role, you will assist a small team in vulnerability identification and prioritization for stakeholders at all levels across the enterprise. This will include analysis of high-profile and high-impact vulnerabilities, zero-day threats, the creation and execution of mitigation strategies, and liaising with various IT stakeholders to coordinate implementation of such strategies. Further aspects of this role will involve:

  • Assisting enterprise efforts on cybersecurity assessments, and coordinating and executing remediation and mitigation strategies;
  • Preparing reports and conducting briefings for senior leadership related to both routine and high-profile vulnerability analysis;
  • Developing and perform high-speed discovery, configuration auditing, asset profiling, sensitive data discovery, policy compliance, and vulnerability analysis of the overall enterprise security posture;
  • Communicating recommendations to the responsible parties, and subsequently engaging in both tracking and verification of their remediation efforts;
  • Continually analyzing available security information, including results of configuration compliance verification, vulnerability scans, database assessments, security and system patch information, threat reporting, OIG reporting, and other intelligence information to update and assess the status of the organization’s cyber security posture;
  • Assisting with the Accreditation & Authorization (A&A) process and the creation of Plans of Action and Milestones (POA&Ms) for system owners;
  • Interfacing with cybersecurity product vendor support teams to keep abreast of developments within products currently in use;
  • Documenting team processes for use in internal Standard Operating Procedures (SOPs), and other on-the-shelf documentation of processes for future team reference;
  • Building working relationships to effectively complete the mission, while acknowledging and respecting stakeholder needs and requirements;
  • Both formulating new and adjusting existing information security metrics for the purpose of analysis and greater enterprise security posture awareness; and,
  • Consultation and support to other parties concerning Computer Network Defense (CND), often on an ad hoc basis, as necessary for the mission.

Required Qualifications:

  • Bachelor’s Degree or equivalent years of experience in a relevant field (e.g. Cybersecurity, Information Technology, or Computer Science);
  • Minimum two (2) years of experience in information security, information technology, or related field;
  • Some familiarity with traditional Blue Team or Red Team network security activities;
  • Some familiarity with the performance of cyber risk assessments through correlating known vulnerabilities, understanding the threat environment, and prioritizing to mitigate risk to network assets;
  • Effective written and verbal communications skills to prepare and present security assessment results to stakeholders, and to further build relationships with them;
  • Demonstrated ability to review publicly-disclosed vulnerabilities, determine their relevance for the Department, asses impact to Department systems, and recommend appropriate remediation actions to relevant stakeholders and leadership;
  • A working-level proficiency in Splunk, or other enterprise-level data aggregation tools (the ability to execute basic queries, create reports and dashboards);
  • A demonstrated understanding of the Lockheed Martin Cyber Kill Chain, MITRE ATT&CK Framework, and relevant threat actors as part of demonstrating understanding of the cyber threat landscape;
  • A demonstrated ability to review vulnerability and security configuration compliance scan results, highlight relevant findings, identify impact, and recommend next steps for remediation;
  • Some familiarity and understanding of networking hardware security configurations–specifically with regard patch cycles and security configurations compliance;
  • A working-level proficiency in identifying and analyzing security concerns present in cloud-based systems hosted by common cloud services providers, such as Microsoft Azure, Amazon Web Services, Google G-Suite, and so forth); and,
  • Active Secret (Minimum) security clearance.

Desired Qualifications:

  • Security+ and/or Network+ certification;
  • Some experience or familiarity with NIST Special Publication 800-53, cybersecurity policy development as influenced by NIST documentation, and CVE (Common Vulnerabilities and Exposures) standards;
  • Experience with project management to ensure stakeholders remain on schedule with patching and policy compliance to improve overall network security posture; and,
  • Active Top Secret security clearance.
We are GDIT. The people supporting some of the most complex government, defense, and intelligence projects across the country. We deliver. Bringing the expertise needed to understand and advance critical missions. We transform. Shifting the ways clients invest in, integrate, and innovate technology solutions. We ensure today is safe and tomorrow is smarter. We are there. On the ground, beside our clients, in the lab, and everywhere in between. Offering the technology transformations, strategy, and mission services needed to get the job done.

GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.