Senior Cyber Security Analyst

Senior Cyber Security Analyst

Senior Cyber Security Analyst

We are looking for a Senior Cyber Security Analyst that will provide direction, purpose, and motivation to a team of 3 Cybersecurity Analysts and 2 Firewall Engineers to help align cybersecurity with the business strategy of the Alabama Supercomputer Authority. This position will be responsible for following a cybersecurity framework that supports the security architecture, oversees continuous monitoring and maintenance of our SIEM tools in order to analyze, planning/maintaining, troubleshoot and investigate security related issues and to improve the cybersecurity posture. This position will work collaboratively with Cybersecurity Analysts and Network Firewall engineers to remediate or mitigate security-related issues. Evaluate new and emerging technologies to determine if they will meet the needs of our security infrastructure. Plan, implement, and maintain a Security Operations Center (SOC) program. The SOC will be responsible for providing cybersecurity services to customers and clients. Uses data collected from a variety of cyber defense tools (e.g., SIEM, IDS alerts, firewalls, network traffic logs) to analyze events that occur within their environments for the purposes of mitigating threats. Advises clients on incident response and threat mitigation. Provides cyber security consulting to clients. Should have experience with vulnerability scanning tools, and some knowledge of firewalls. Evaluates, tests, recommends, coordinates, monitors, and maintains cybersecurity policies, procedures, and systems, including access management for hardware, firmware, and software.

Ensures that cybersecurity plans, controls, processes, standards, policies, and procedures are aligned with cybersecurity standards. Identifies security risks and exposures, determines the causes of security violations, and suggests procedures to halt future incidents and improve security. Develops techniques and procedures for conducting cybersecurity risk assessments and compliance audits, the evaluation and testing of hardware, firmware and software for possible impact on system security, and the investigation and resolution of security incidents such as intrusion, frauds, attacks or leaks.

Additional Duties:

o Communicates alerts to agencies regarding intrusions and compromises to their network infrastructure, applications, and operating systems.

o Assists with implementation of countermeasures or mitigating controls.

o Conducts regular audits to ensure that systems are being operated securely, and information systems security policies and procedures are being implemented as defined in security plans.

o Develops, tests, and operates firewalls, intrusion detection systems, enterprise antivirus systems and software deployment tools.

o Researches, evaluates, tests, and implements new security software or devices.

o Conducts investigations of information systems security violations and incidents, reporting as necessary to management.

o Ensures the integrity and protection of networks, systems, and applications by technical enforcement of organizational security policies, through monitoring of vulnerability scanning devices.

o Performs periodic and on-demand system audits and vulnerability assessments, including user accounts, application access, file system and external Web integrity scans to determine compliance.

o Prepares incident reports of analysis methodology and results.

o Monitor, evaluate, and maintain systems and procedures to safeguard internal information systems, network, databases, and Web-based security.

o Performing network security scans and responding to external audit findings

o Scanning client networks and providing recommendations for remediation or mitigation actions.

o Work closely with system and network administrators.

EDUCATION AND EXPERIENCE:

Required Qualifications:
Bachelor's Degree with 5-10 Years of Security Operation experience.
Cybersecurity certification (ie. Security+ ).
Experience leading small groups of 3-5 people.
Basic level Linux or Windows administration experience.
Experience with detecting, remediating, and reporting on cyber security events.
Basic firewall knowledge of Palo Alto, Juniper, and Cisco.
Configuration Management - STIG/SCAP compliance baselines for Windows, Mac, Linux.
Penetration Test Response and Remediation.
Ansible automation planning and implementation.
Experience with Nessus vulnerability scanning service.
Familiarity with IDS/IPS.

Desired Qualifications:
CISSP or CISM certification.

Work Requirements

.cls-1{fill:none;stroke:#5b6670;stroke-miterlimit:10;stroke-width:2px;}
Years of Experience
5 + years of related experience

* may vary based on technical training, certification(s), or degree

.cls-1,.cls-2{fill:none;stroke:#5b6670;stroke-miterlimit:10;}.cls-1{stroke-width:1.77px;}.cls-2{stroke-width:2px;}
Certification

.cls-1{fill:none;stroke:#5b6670;stroke-miterlimit:10;stroke-width:2px;}
Travel Required
None

About Our Work

We are GDIT. A global technology and professional services company that delivers consulting, technology and mission services to every major agency across the U.S. government, defense and intelligence community. Our 30,000 experts extract the power of technology to create immediate value and deliver solutions at the edge of innovation. We operate across 30 countries worldwide, offering leading capabilities in digital modernization, AI/ML, Cloud, Cyber and application development. Together with our clients, we strive to create a safer, smarter world by harnessing the power of deep expertise and advanced technology.

GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.