Cybersecurity Analyst Principal
About The Position
As a Cyber Security Analyst Principal, the work you’ll do at GDIT will be impactful to the mission of the office of the Chief Information Security Officer (CISO). You will play a crucial role in identifying risks to secure GDIT against cyber threats. MEANINGFUL WORK AND PERSONAL IMPACT Support the monitoring and reporting of security metrics for GDIT divisions and programs in compliance with NIST Special Publication (SP) 800-171 standards. Identify security risks, perform root cause analysis and create procedures to improve security posture and quantify in terms of potential impact on business operations. Perform cyber health assessments to identify potential vulnerabilities and provide recommendations for enhancements. Create, track, and provide monthly status updates related to Operational Plan of Action (OPA) and Risk Register. Prepare detailed security reports and dashboards to provide visibility into compliance Process, analyze, make recommendations, and evaluate risk related to exception requests to GDIT security requirements. Possess technical expertise with advanced security tools, including endpoint detection and response platforms such as CrowdStrike, vulnerability management tools like Qualys for identifying and mitigating security risks, and Governance, Risk, and Compliance (GRC) tools. Familiarity with vulnerability management processes to address risk-related findings Proficiency in scripting capabilities in Python or PowerShell to automate data processing and reporting workflows. Proven experience working with cross-functional teams, including IT, Security, Compliance, HR, and Legal. Aid in the development and enhancement of security monitoring procedures and strategies. Support other tasks as assigned
Requirements
- 5+ years of cyber security experience
- Strong understanding of key controls in Cloud, operating systems, networks, and databases
- Experience with CrowdStrike, Word, Excel, Visio, and Scripting
- US Person required
- Must have experience with NIST special publications (800-171 or 800-53)
- Must have strong demonstrated writing skills
- Ability to work independently, attend/represent manager at meetings, have strong analytical and problem-solving skills.
Nice To Haves
- Certifications such as CISSP, or CISA are a plus.
- Experience with Qualys
- Prior experience in supporting security compliance in large organizations.
- Knowledge of Continuous Improvement and process optimization related to security policies and controls.
Responsibilities
- Support the monitoring and reporting of security metrics for GDIT divisions and programs in compliance with NIST Special Publication (SP) 800-171 standards.
- Identify security risks, perform root cause analysis and create procedures to improve security posture and quantify in terms of potential impact on business operations.
- Perform cyber health assessments to identify potential vulnerabilities and provide recommendations for enhancements.
- Create, track, and provide monthly status updates related to Operational Plan of Action (OPA) and Risk Register.
- Prepare detailed security reports and dashboards to provide visibility into compliance.
- Process, analyze, make recommendations, and evaluate risk related to exception requests to GDIT security requirements.
- Aid in the development and enhancement of security monitoring procedures and strategies.
- Support other tasks as assigned.
Benefits
- Comprehensive benefits and wellness packages
- 401K with company match
- Competitive pay and paid time off
- Full flex work weeks where possible
- Variety of paid time off plans, including vacation, sick and personal time, holidays, paid parental, military, bereavement and jury duty leave.
- Short and long-term disability benefits
- Life, accidental death and dismemberment, personal accident, critical illness and business travel and accident insurance are provided or available.
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Principal
Education Level
Associate degree
