Information Systems Security Analyst

GCI, embodies excellence, integrity and professionalism. The employees supporting our customers deliver unique, high-value mission solutions while effectively leverage the technological expertise of our valued workforce to meet critical mission requirements in the areas of Data Analytics and Software Development, Engineering, Targeting and Analysis, Operations, Training, and Cyber Operations. We maximize opportunities for success by building and maintaining trusted and reliable partnerships with our customers and industry.

At GCI, we solve the hard problems. As an Information System Security Analyst, a typical day will include the following duties:

Under the supervision of leadership or senior IA personnel, perform the following functions:

Automated scan and test functions to support continuous monitoring, vulnerability analysis, and active technical security control validation.

Audit log analysis, report generation and brief findings to IA Divisional Leadership and GCI Management.

In coordination with IA Division leadership, aid in the development of information system security policies, CONOPS, guides, etc.

Coordinate security investigations of suspected computer security violations, incidents, and compromises in accordance with IA Division Leadership directions and GCI’s incident response program.

Support and coordinate Information Assurance (IA) processes, procedures, and compliance for all assigned Information Systems (IS).

Conduct security audits and ensure that audit trails are reviewed and audit records archived in accordance with GCI security requirements and Federal regulation and frameworks as applicable.

Ensures IS are operated, used, maintained and disposed of appropriately in accordance with GCI and/or Customer security procedures, directives, guidelines, regulations, and policies.

Support and maintain the system security documentation such as Security Plans, Security Operating Procedures, CONOPS, required policies and documentation to support system compliance for assigned security frameworks (ie NIST RMF/CSF, NISPOM, ICD Publications, CUI, CMMC, etc.), in coordination with the other IA Division staff, the Information System Security Manager (ISSM), as applicable, and IA Division Leadership.

Conduct periodic reviews, self-inspections, and/or assessments to ensure IS(s) meet GCI and Customer security requirements. Additionally, and when required, provide support during A&A activities.

Conduct user training and awareness activities under the direction of the GCI IA Division Leadership.

Participate in self-assessment of system safeguards and program elements and in assessment and authorization of the system.

Contribute to Configuration Management (CM) documentation for IS software and hardware as needed to maintain in accordance with GCI Policy and applicable Federal guidelines and regulations

Possess a working entry-level knowledge and familiarity with industry “best practices” for Information Assurance as well as applicable information security documents.

Candidate must be a self-starter that is mission focused and able to work in a dynamic work environment with a diverse set of personalities. Must be able to take specific directions and progress forward to task completion, with limited engagement from senior leaders once provided with that direction.

Strong documentation, analysis, and oral/written communications skills.