Cybersecurity Analyst Principal

About The Position

Requirements

• 5+ years of cyber security experience
• Strong understanding of key controls in Cloud, operating systems, networks, and databases
• Experience with CrowdStrike, Word, Excel, Visio, and Scripting
• US Person required
• Must have experience with NIST special publications (800-171 or 800-53)
• Must have strong demonstrated writing skills
• Ability to work independently, attend/represent manager at meetings, have strong analytical and problem-solving skills.

Nice To Haves

• Certifications such as CISSP, or CISA are a plus.
• Experience with Qualys
• Prior experience in supporting security compliance in large organizations.
• Knowledge of Continuous Improvement and process optimization related to security policies and controls.

Responsibilities

• Support the monitoring and reporting of security metrics for GDIT divisions and programs in compliance with NIST Special Publication (SP) 800-171 standards.
• Identify security risks, perform root cause analysis and create procedures to improve security posture and quantify in terms of potential impact on business operations.
• Perform cyber health assessments to identify potential vulnerabilities and provide recommendations for enhancements.
• Create, track, and provide monthly status updates related to Operational Plan of Action (OPA) and Risk Register.
• Prepare detailed security reports and dashboards to provide visibility into compliance.
• Process, analyze, make recommendations, and evaluate risk related to exception requests to GDIT security requirements.
• Possess technical expertise with advanced security tools, including endpoint detection and response platforms such as CrowdStrike, vulnerability management tools like Qualys for identifying and mitigating security risks, and Governance, Risk, and Compliance (GRC) tools.
• Familiarity with vulnerability management processes to address risk-related findings.
• Proficiency in scripting capabilities in Python or PowerShell to automate data processing and reporting workflows.
• Proven experience working with cross-functional teams, including IT, Security, Compliance, HR, and Legal.
• Aid in the development and enhancement of security monitoring procedures and strategies.
• Support other tasks as assigned.

Benefits

• AI-powered career tool that identifies career steps and learning opportunities
• An internal mobility team focused on helping you achieve your career goals
• Comprehensive benefits and wellness packages
• 401K with company match
• Competitive pay and paid time off
• Award-winning culture of innovation and a military-friendly workplace
• Variety of medical plan options, some with Health Savings Accounts
• Dental plan options
• A vision plan
• A 401(k) plan offering the ability to contribute both pre and post-tax dollars up to the IRS annual limits and receive a company match.
• Full flex work weeks where possible
• A variety of paid time off plans, including vacation, sick and personal time, holidays, paid parental, military, bereavement and jury duty leave.
• Short and long-term disability benefits
• Life, accidental death and dismemberment, personal accident, critical illness and business travel and accident insurance are provided or available.