Vacancy expired!
Type of Requisition: RegularClearance Level Must Be Able to Obtain: NoneJob Family: Cyber SecurityAt GDIT, people are our differentiator! As a Senior Enterprise Security Analyst supporting the VA Enterprise Security Architecture (ESA) Modernization Support project, you will be trusted to work actively with GDIT security and Cyber-Security professionals to support our VA customer.Our mission within the VA is to ensure Veteran’s information, VA information systems and infrastructure is cybersecurity ready. GDIT will accomplish this while ensuring the resiliency of VA’s cybersecurity infrastructure through proactive monitoring, adaptive responses, adherence to Federal requirements and best practices, and the recruitment, retention, and development of a world-class cybersecurity workforce.The ideal Senior Enterprise Security Analyst will support the VA’s overall cyber threat analysis efforts. This effort requires that the candidate possess experience with and knowledge of cyber threat and/or intelligence analysis.The right candidate should have knowledge related to the current state of cyber international relations, adversary tactics, and trends. A Senior Security Analyst must be flexible and have the ability to work quickly as well as a willingness to complete ad hoc, time sensitive assignments. This is a key position on the project. As such, this resource must be located in the Washington, DC metro area so easily facilitate visits to VA offices to meet with the ESA project management team.RESPONSIBILITIES :Conduct cyber security tests, risk evaluations, assessments and providing results of these activities to leadership
Provide input on configuration changes and risk recommendations as needed.
Perform root cause analysis to identify gaps and provide technical and procedural recommendations that will reduce the exposure to cyber risks
Use data collected from a variety of cyber defense tools (e.g., Vulnerability scanning, IDS alerts, firewalls, network traffic logs) to analyze the security posture of information systems
Support the development and maintenance of security playbook procedures
Respond to and report incidents related to assigned information systems
Provide input and/or develop security processes and procedures
Present and deliver findings based on information gathered in group and individual settings
Perform risk evaluations, respond to incidents, conduct basic forensics (chain of custody, imaging, reporting)
Assist in the development of the security policies and procedures and ensure compliance with those policies and procedures through ongoing monitoring and assessments
Provide and/or assist in root cause analysis of anomalous events
Ensures the integrity and protection of networks, systems, and applications by technical enforcement of organizational security policies, through monitoring of vulnerability scanning devices.
Provides guidance and work leadership to less-experienced technical staff members.
Acquires subject knowledge by collaborating with analysts and engineers
QUALIFICATIONSRequired Skills and ExperienceMaster’s Degree in Engineering or related scientific or technical discipline with a minimum 10 years of IT Security experience.
5 years of enterprise architecture experience may be substituted for education
Demonstrated experience with implementing NIST SP 800-37 Rev1 - “Guide for Applying the Risk Management Framework to Federal Information Systems: a Security Life Cycle Approach”
Demonstrated experience with the NIST 800-53Rev 4/5 - “Security and Privacy Controls for Federal Information Systems and Organizations” and a deep understanding of how to evaluate potential control implementations for organizational conformance.
Demonstrated experience implementing NIST SP 800-115 - “Technical Guide to Information Security Testing and Assessment” to include technical computer/network system auditing
Experience with analyzing vulnerability and penetration testing reports to develop and manage POA&Ms to include risk calculations
Experience using security tools (Nessus, Burp Suite, Splunk, Sophos, Security Center, etc.)
Experience with legacy and new health IT digital architectures including cloud, mobile, IoT, APIs, and AI technologies.
Ability to perform Splunk queries to examine and query log data from the Enterprise Logging as a Service system
Demonstrated knowledge of data security administration principles, methods, and techniques
Experience with network concepts, user authentication, and digital signatures
Demonstrated knowledge of security principles, concepts, policy, and regulations.
Experience identifying risks in security systems and working with technical experts to resolve security issues.
Minimum Security Certification – CompTIA Security+ Ability to obtain a Public Trust clearance
US Citizenship is required
Desired Skills and ExperienceOne or more of the following certifications:
Certified Ethical Hacker (CEH)
CompTIA Cybersecurity Analyst (CySA+)
Certified Information Systems Security Professional (CISSP)
Certified Information Security Manager (CISM)
GIAC Defensible Security Architecture (GDSA)
Demonstrated knowledge of data security administration principles, methods, and techniques
Requires familiarity with network concepts, user authentication, and digital signatures
Knowledge of and the ability to script in either, Perl, Python, or Bash
Experience performing incident response
Experience performing malware analysis
Ability to identify key concepts, factors and risks based on conversations and document these in clear and concise narrative or graphic reports.
Active VA clearance
Familiarity working with VA information systems
This position requires being fully vaccinated against COVID-19 by December 8, 2021 or the start date, if after December 8.We are GDIT. The people supporting some of the most complex government, defense, and intelligence projects across the country. We deliver. Bringing the expertise needed to understand and advance critical missions. We transform. Shifting the ways clients invest in, integrate, and innovate technology solutions. We ensure today is safe and tomorrow is smarter. We are there. On the ground, beside our clients, in the lab, and everywhere in between. Offering the technology transformations, strategy, and mission services needed to get the job done.
GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.
