Associate Cyber Security Analyst
Role details
Job location
Tech stack
Job description
At GDIT, people are our differentiators. We are seeking an Associate Cyber Security Analyst to join our team to support Centers for Medicare & Medicaid Services (CMS) activities at Windsor Mill, MD. As a security analyst supporting the Healthcare Integrated General Ledger Accounting System (HIGLAS) contract, you will work with a team of analysts and engineers to scrutinize network and system events for potential indicators of threats or compromise. This effort includes implementing and maintaining security safeguards designed to minimize the CMS security risk and protect confidentiality, integrity, and availability of sensitive data, including privacy information. This is a junior position on the Identity and Access Management (IAM) team and part of a larger security team responsible for establishing and maintaining a high security posture for a critical federal information system. Our teams security responsibility includes, but not limited to, developing IT security strategy and architecture, establishing security operations and monitoring, implementing risk and vulnerability management processes, remediating weaknesses, conducting audits and assessments, maintaining all manner of IT security documentation, managing access, and enforcing Federal and organizational policies. This position allows the opportunity to work 100% remote from home preferably in Eastern or Central time zones. Those local to the Baltimore MD area will have opportunity to come into our office as needed. HOW YOU WILL MAKE AN IMPACT:Provide support to and participate in IAM continuous monitoring activities including monitoring new and removed identities, access and permissions changes, privilege escalation, bot activity, and other related activities.Perform internal audits and assessments related to user access controls, segregation of duties, and compliance with policies and federal standards.Support analysis of IAM-related anomalies, permission changes, and access patterns as part of broader
Requirements
security monitoring activities.Draft documentation to detail potential risks associated with known security issues within the environment.Develop and maintain Standard Operating Procedures (SOPs) related to security tasking.Coordinate and collaborate with technical subject matter experts (SMEs) to ensure technical and operational security controls are operating as expected. WHAT YOULL NEED TO SUCCEEED:Ability to pass CMS background check and meet the residency requirement for having resided in the US at least (3) three out of the last (5) five years.Bachelors degree in Information Security, Information Technology, or equivalent years of related information security experience.General knowledge of identity and access management, role- and attribute-based access controls (RBAC/ABAC), segregation of duties, least privilege, privilege escalation, etc.Knowledge of general computing technologies (e.g., Windows Server, Linux, databases, scripting languages, etc.).General experience with analysis of security or information technology issues. IT WOULD BE GREAT IF YOU ALSO HAD:Experience supporting CMS systems (e.g., HIGLAS, EUA) or similar federal IAM environments.Relevant, entry-level IT or security certifications, such as Security+ CE.Knowledge of Splunk for conducting investigations and analysis.Knowledge of Oracle Identity Management (OIM) / HIGLAS Identity Management (HIDM).Knowledge of CMS security guidelines and technology requirements.Strong analytical, communication, written, and verbal skills with the ability and comfort level to conduct presentations for existing customer audiences. LOCATION: Remote CLEARANCE: Ability to pass CMS background check and meet the residency requirement for having resided in the US at least (3) three out of the last (5) five years. WHAT GDIT CAN OFFER YOU:Full-flex work week to own your priorities at work and at home, with core work hours Monday Friday 9:00 AM ET 3:00 PM ET401K with company matchComprehensive health and