Job Closed
This listing is no longer active.
Art of the possible.
Senior Cyber Security Analyst
Location
United States
Posted
118 days ago
Salary
$112.8K - $149.5K / year
Seniority
Senior
Job Description
Senior Cyber Security Analyst
General Dynamics Information Technology
• Maintain various EPA System security and privacy control implementation deliverables based on a NIST 800-53 rev5 control framework. • Update, maintain, and drive security and privacy documentation designed to protect the cloud- and host-based systems from both internal and external threats. • Review identified cyber security vulnerabilities and assist with the recommendation, documentation, and implementation of appropriate mitigations or countermeasures. • Conduct and support periodic reviews of the information system to ensure compliance with the security and privacy authorization package. • Review, create, and enhance security and privacy documentation to ensure continued compliance with security and privacy requirements. • Coordinate the response to the annual continuous monitoring assessment audit. • Ensure audit evidence are collected, reviewed, and documented, including any risk determinations and plans of actions and milestones. • Identify and notify the program manager when changes occur that might affect the authorization determination for the information system. • Provide analysis of systems, hardware, software, and maintenance needs. • Create and review annually the security- and privacy-related documentation. • Develop, coordinate, and conduct training and tabletop exercises related to continuity of operations, contingency planning, incident handling, awareness, etc. • Update control implementation tools like XACTA to maintain compliance against NIST 800-53 rev 5.
Job Requirements
- 5 + years of related experience
- US Citizenship Required: Yes
- Masters or Bachelor's degree in Computer Science, Information Security, Cyber Security, or relevant discipline
- Prior performance in roles such as security, privacy, system administration, and/or networking administration
- Knowledge of NIST SP-800-53, Rev 5
- Familiarity with system security and privacy within cloud environments and FedRAMP
- Demonstrated experience with risk management and auditing
- Certifications Security+, CISSP, CISA, CISM, and/or cloud-based security certification (e.g. CCSP, COMPTIA Cloud+, or equiv) preferred.
- Excellent verbal and written communications skills, including the ability to communicate complicated technical concepts.
Benefits
- Our benefits package for all US-based employees includes a variety of medical plan options, some with Health Savings Accounts, dental plan options, a vision plan, and a 401(k) plan offering the ability to contribute both pre and post-tax dollars up to the IRS annual limits and receive a company match.
- To encourage work/life balance, GDIT offers employees full flex work weeks where possible and a variety of paid time off plans, including vacation, sick and personal time, holidays, paid parental, military, bereavement and jury duty leave.
- GDIT typically provides new employees with 15 days of paid leave per calendar year to be used for vacations, personal business, and illness and an additional 10 paid holidays per year.
- The GDIT Paid Family Leave program provides a total of up to 160 hours of paid leave in a rolling 12 month period for eligible employees.
- To ensure our employees are able to protect their income, other offerings such as short and long-term disability benefits, life, accidental death and dismemberment, personal accident, critical illness and business travel and accident insurance are provided or available.
Related Guides
Related Categories
Related Job Pages
More Security Analyst Jobs
Junior Security Analyst
ARETUMARETUM is a dynamic government contracting company that emphasizes a people-centric culture. It values diversity, equity, and inclusion as fundamental pillars o
• Execute vulnerability management activities using ACAS, ESS, SCAP tools, and manual validation techniques to confirm findings and reduce false positives. • Conduct application and web vulnerability assessments using tools such as Burp Suite and document results with clear remediation guidance. • Support vulnerability triage and prioritization based on mission impact, exposure, exploitability, and operational constraints. • Support the Vulnerability Disclosure Program (VDP) by managing intake, validation, tracking, and coordination with remediation stakeholders. • Ensure vulnerability findings, evidence, and remediation status are accurately documented and traceable within RMF artifacts (e.g., assessment inputs and POA&M updates). • Support SCAP/STIG-related validation by correlating scan results to configuration baseline requirements and documenting compliance status. • Demonstrate the ability to perform—or a strong willingness to learn—security assessment activities across ACAS, ESS, Burp Suite, VDP workflows, and SCAP/STIG compliance processes. • Cloud Security: Configure and manage AWS Security toolsets (CloudTrail, GuardDuty, Inspector, Security Hub). • Execute DISA STIG compliance activities across operating systems, applications, databases, and network devices • Validate security baselines using SCAP and manual assessment techniques • Identify deviations, document compensating controls, and support risk acceptance requests • Ensure configuration compliance aligns with mission requirements and operational constraints • Maintain and update RMF packages throughout the system lifecycle • Support ATO, IATT, and continuous monitoring activities • Track POA&Ms and remediation actions to completion • Coordinate with Government System Owners, ISSOs, ISSEs, and Authorizing Officials • Support cybersecurity assessments, inspections, and compliance reviews • Support SIEM monitoring and alert analysis • Assist with ESS deployment, configuration, and reporting • Support log analysis, threat detection, and incident response activities • Assist with continuous monitoring and cybersecurity metrics reporting
• Coordinate and execute recurring GRC tasks such as quarterly access reviews, audit evidence collection, and risk register reconciliation. • Document and track completion of control activities and escalate issues where needed. • Assist with internal and external audits, ensuring timely and complete evidence collection and review. • Collaborate with Sales, Legal, and Product teams to lead responses for customer security questionnaires and RFPs, progressively owning more complex requests as your experience deepens. • Maintain and continuously improve a centralized repository of commonly requested security documentation and artifacts (e.g., SOC 2, SIG, CAIQ). • Work closely with a broad array of business leaders to conduct initial and periodic vendor risk assessments, ensuring that third parties meet Rightway's security and compliance standards. • Track and follow up on remediation plans and risk treatment for vendors posing unacceptable risk. • Enable and support automation and optimization of the vendor risk assessment lifecycle using both AI and traditional tooling. • Support the implementation and operationalization of AI risk and governance controls in alignment with ISO/IEC 42001 (AI Management System) and emerging regulatory guidance e.g., CAIA (Colorado AI Act). • Monitor AI systems for compliance with ethical and legal standards.
Cybersecurity Analyst I
SouthState BankThe SouthState story is one of steady growth, deep community roots, and an unwavering commitment to helping our customers move forward. Since our beginnings in the 1930s to becoming a trusted financial partner across the South and beyond - we are known for combining personal relationships with forward-thinking solutions. We are committed to helping our team members find their success while maintaining the integrity of our values: building trust, fostering lasting relationships and pursuing excellence. At SouthState, individual contributions are recognized, potential is cultivated and team members are inspired to achieve their greater purpose. Your future begins here!
• The Cybersecurity Analyst is responsible for the collection, analysis, validation, monitoring, and response to cybersecurity intelligence and events. • Perform day-to-day operational tasks by analyzing and responding to security events that have been logged and correlated by the SIEM or other security platform. • Monitor all in-place security solutions for efficient and appropriate operations. • Participate in investigation and resolution of anomalous activity. • Serve as a first responder and assist with initial investigations for potential security events. • Analyze configuration and vulnerability information to determine risk to the Bank’s data security. • Provide feedback on tuning of rules and alerts. Recommend tuning of rules that generate alerts to ensure low false positive rates.
• Perform analysis and management of information security risks, identifying vulnerabilities, assessing impacts, and proposing mitigation plans • Validate, review, and govern firewall rules, ensuring adherence to security policies, best practices, and compliance requirements • Work with the Security Operations Center (SOC) to define, validate, and continuously improve monitoring rules, event correlation, and security alerts • Evaluate and validate security incidents, supporting investigations, root cause analysis, and prevention recommendations • Ensure security processes and controls are aligned with ITSM frameworks, information security best practices, and service management • Prepare and maintain technical documentation, risk reports, incident reports, and security metrics • Collaborate with infrastructure, network, application, and governance teams to ensure the effectiveness of security controls • Support internal and external audits, ensuring compliance with security policies, standards, and certifications • Participate in the continuous improvement of cybersecurity processes, contributing to the maturity of the organization’s security posture
