Information System Security Analyst (Active Polygraph Required)
We are GDIT.
We support and secure some of the most complex government, defense, and intelligence projects across the country.
At GDIT, cyber security is not just a singular part of our mission-it connects every one of us because it's embedded into every aspect of what we do.
GDIT is your place.
You make it your own by bringing your ideas and unique perspective to our culture.
By owning your opportunity at GDIT, you are helping us ensure today is safe and tomorrow is smarter.
Our work depends on a Information System Security Control Analyst joining our team to support customer activities at Bethesda, MD.
WHAT YOU'LL NEED:
Bachelor's Degree (Computer engineering, Computer Science, Electrical Engineering, Information systems, Information Technology, Cybersecurity, or a closely related discipline)6
years or relevant experienceFour years of additional demonstrated work experience in Security Control Assessor (SCA) and Defensive Cyber Operations (DCO)Testing will be accepted in lieu of a bachelor's degree.
A Master's degree in an applicable discipline be substituted for three years of demonstrated work experience.
Technical skillsCurrent TS/SCI clearance with Polygraph required.
Required Skills:
Three (3) years of cybersecurity experience with at least one year of experience conducting SCAs under ICD 503/CNSSI 1253 NIST Cybersecurity Framework, Risk Management Framework (RMF), or a similar framework.
One full year of SCA experiences within the last three calendar years.
One full year supporting cloud environment and experience performing security assessments in a cloud environment (AWS, Google, IBM, Azure, and Oracle).
Skill in conducting vulnerability scans and recognizing vulnerability in security systems (eg, Cloud Environments) AWS, Google, IBM, Azure, and Oracle.
Must meet Department of Defense (DOD) 8570.
01-Manual (M) Information Assurances Workforce Improvement Program requirement for Information Assurance Manger (IAM) Level III (CISM, CISSP or Associate GSLC or CCISO).
Knowledge of general attack strategies (eg, MITRE ATT Framework).
Knowledge of NISPOM, ICD 503, NIST SP 800-53, ICD 705, and other ICDs as appropriate.
Knowledge of Independent Verification & Validation (IV) of security controls.
Other Requirements:
Make recommendations to the IC CISO or designee for improving TTPS for better cyber threat protection.
Knowledge of system and application security threats and vulnerabilities.
Knowledge of network access, identity, and access management eg public key infrastructure (PKI)Knowledge of network protocols such as Transition Control Protocol/Internet Protocol (TCP/IP), Dynamic Host Configuration, Domain Name System (DNS), and directory Services.
Ability to assess the robustness of security systems and designs.
Knowledge of cybersecurity principles and organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
Three years of experience performing security assessments in a cloud computing environment.
Strong writing skills.
Write final reports and defend all findings, including risk or vulnerability, mitigation strategies, and references.
Report vulnerabilities identified during security assessments.
Write penetration testing Rules of Engagement (RoE), Test Plans, and Standard Operating Procedures (SOP).
Conducted security reviews and technical research and provided reporting to increase security defense mechanisms.
WHAT GDIT CAN OFFER YOU:
Full-flex work week401K with company matchInternal mobility team dedicated to helping you own your careerCollaborative teams of highly motivated critical thinkers and innovatorsAbility to make a real impact on the world around youNot sure this job's the one for you? Check out our other openings at gdit.
com/careers.
Do you have a friend or colleague this posting describes? Let them know about the opportunity by clicking Share.
#OpportunityOwned, #GDITCareers, #WeAreGDIT, #JET.
Estimated Salary: $20 to $28 per hour based on qualifications.
We support and secure some of the most complex government, defense, and intelligence projects across the country.
At GDIT, cyber security is not just a singular part of our mission-it connects every one of us because it's embedded into every aspect of what we do.
GDIT is your place.
You make it your own by bringing your ideas and unique perspective to our culture.
By owning your opportunity at GDIT, you are helping us ensure today is safe and tomorrow is smarter.
Our work depends on a Information System Security Control Analyst joining our team to support customer activities at Bethesda, MD.
WHAT YOU'LL NEED:
Bachelor's Degree (Computer engineering, Computer Science, Electrical Engineering, Information systems, Information Technology, Cybersecurity, or a closely related discipline)6
years or relevant experienceFour years of additional demonstrated work experience in Security Control Assessor (SCA) and Defensive Cyber Operations (DCO)Testing will be accepted in lieu of a bachelor's degree.
A Master's degree in an applicable discipline be substituted for three years of demonstrated work experience.
Technical skillsCurrent TS/SCI clearance with Polygraph required.
Required Skills:
Three (3) years of cybersecurity experience with at least one year of experience conducting SCAs under ICD 503/CNSSI 1253 NIST Cybersecurity Framework, Risk Management Framework (RMF), or a similar framework.
One full year of SCA experiences within the last three calendar years.
One full year supporting cloud environment and experience performing security assessments in a cloud environment (AWS, Google, IBM, Azure, and Oracle).
Skill in conducting vulnerability scans and recognizing vulnerability in security systems (eg, Cloud Environments) AWS, Google, IBM, Azure, and Oracle.
Must meet Department of Defense (DOD) 8570.
01-Manual (M) Information Assurances Workforce Improvement Program requirement for Information Assurance Manger (IAM) Level III (CISM, CISSP or Associate GSLC or CCISO).
Knowledge of general attack strategies (eg, MITRE ATT Framework).
Knowledge of NISPOM, ICD 503, NIST SP 800-53, ICD 705, and other ICDs as appropriate.
Knowledge of Independent Verification & Validation (IV) of security controls.
Other Requirements:
Make recommendations to the IC CISO or designee for improving TTPS for better cyber threat protection.
Knowledge of system and application security threats and vulnerabilities.
Knowledge of network access, identity, and access management eg public key infrastructure (PKI)Knowledge of network protocols such as Transition Control Protocol/Internet Protocol (TCP/IP), Dynamic Host Configuration, Domain Name System (DNS), and directory Services.
Ability to assess the robustness of security systems and designs.
Knowledge of cybersecurity principles and organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
Three years of experience performing security assessments in a cloud computing environment.
Strong writing skills.
Write final reports and defend all findings, including risk or vulnerability, mitigation strategies, and references.
Report vulnerabilities identified during security assessments.
Write penetration testing Rules of Engagement (RoE), Test Plans, and Standard Operating Procedures (SOP).
Conducted security reviews and technical research and provided reporting to increase security defense mechanisms.
WHAT GDIT CAN OFFER YOU:
Full-flex work week401K with company matchInternal mobility team dedicated to helping you own your careerCollaborative teams of highly motivated critical thinkers and innovatorsAbility to make a real impact on the world around youNot sure this job's the one for you? Check out our other openings at gdit.
com/careers.
Do you have a friend or colleague this posting describes? Let them know about the opportunity by clicking Share.
#OpportunityOwned, #GDITCareers, #WeAreGDIT, #JET.
Estimated Salary: $20 to $28 per hour based on qualifications.
|
|
 | |
