General Dynamics Information Technology Cyber Security Guidance and Design Reviews Analyst Senior (ITC 2256) in Bossier City, Louisiana

Clearance Level Must Currently Possess:

No Active Clearance Required

Clearance Level Must Be Able to Obtain:

No Active Clearance Required

Suitability:

Agency Specific

Job Family:

Information Technology

Job Description:

GDIT supports the Administrative Office of the U.S. Courts (AO) mission to protect the Judiciary’s public access, e-commerce, and interface systems from cyber-attacks by supporting internal and external systems that provide identity and access management. Such systems include physical servers, virtualized systems and cloud-based hardware, and secure PACER kiosks deployed at the courthouses. PACER is an electronic public access service allowing users to obtain case and docket information online from federal appellate, district, and bankruptcy courts.

Responsibilities

  • Provide migration guidance from custom Perl applications to multi-tiered JAVA Enterprise systems. The majority, approximately (65%-70%), of the code base is currently Perl, with work on-going to modernize systems using JAVA.

  • Assist in evaluating the appropriateness and security implications of enterprise single sign-on and identity provider protocols.

  • Assist in the design, adoption, and secure implementation of single sign-on solutions.

  • Provide security guidance for third party libraries and frameworks such as Hibernate, Jersey and PrimeFaces.

  • Review design of new applications, systems, or components of security and make recommendations for security improvements.

  • Provide security guidance for both custom and third-party services, devices, applications, appliances, and libraries.

  • Provide security guidance for the secure integration of new technologies, including:

  • API Gateway (Axway)

  • Identity Management, Access Control, and Single Sign-on

  • Multi-Factor Authentication and Password Reset Mechanisms

  • Web Service Protocol Security

  • Linux Containers (LXC, Redhat OpenShift, Docker, etc)

  • Mobile Devices and Internet of Things (IoT)

  • Cloud and Virtualization

  • Remote Access and Virtual Private Networking (VPN)

  • Mobile Devices, BYOD, and Mobile Applications

  • Provide recommendations on security best practices for various developing and implementing technologies such as those mentioned above.

  • Provide guidance for Linux server hardening and implementation of Mandatory Access Control policies (SELinus & AppArmor).

  • Regularly attend working group meetings to advise AO managers on security implications.

Required Qualifications and Competencies

  • Bachelor’s Degree from an accredited college plus 5 years

  • One industry-recognized cybersecurity certification such as: Certified Information Systems Security Professional (CISSP), Certification Information System Auditor (CISA), Certified Ethical Hacker (CEH), Certification and Authorization Professional (CAP), or Security + Develop custom security tools to improve coverage and validate findings

  • Experience with:

  • Agile, GIT and release planning

  • Penetration testing methodologies, tools, and tactics such as Fuzzing, GDB, Burp, Nmap, OWASP, Metasploit, Sqlmap, dynamic/static analysis

  • Penetration testing and white hat hacking

  • Incident response for PCI-compliant systems in a large production environment (over 1,000,000 users)

# of Openings:

1

Scheduled Weekly Hours:

40

T elecommuting Options:

Some Telecommuting Allowed

Work Location:

USA LA Bossier City - 6310 E Texas St (LAS004)

Additional Work Locations:

CSRA is committed to creating a diverse environment and is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status.

THINK NEXT. NOW.

CSRA is tomorrow’s thinking, today. To “Think Next. Now.” is to imagine a better future and to deliver it, today. For our customers, our partners, and ultimately, all the people our mission touches, CSRA is realizing the promise of technology to change the world through next-generation thinking and meaningful results.

We understand that our customers' missions require new methods and imaginative thinking. We bring together government IT professionals, emerging technologies, and the brightest, cutting-edge advisors in the industry to deliver a broad range of innovative, next-generation IT solutions and professional services to help our customers modernize their legacy systems, protect their networks and assets, and improve the effectiveness and efficiency of mission-critical functions for our warfighters and our citizens.

Everywhere you look, CSRA is there. We’re in our nation’s infrastructure, in training and education, in cyber security, in serving veterans who served us—and, so much more. Take some time to learn more about CSRA. You might be surprised to learn how we touch your life.

We are a company of 18,000+ smart, talented individuals, yet we enjoy a start-up culture that inspires us to make a difference while delivering results in this rapidly evolving world. Join our team and use your skills and expertise to support the safety, security, health and well-being of the nation.