General Dynamics Information Technology is a global technology and professional services company that delivers technology solutions to the U.S. government and defense agencies. They are seeking an Associate Cyber Security Analyst to support the Centers for Medicare & Medicaid Services, focusing on monitoring and maintaining security safeguards to protect sensitive data.
Responsibilities:
- Provide support to and participate in IAM continuous monitoring activities including monitoring new and removed identities, access and permissions changes, privilege escalation, bot activity, and other related activities
- Perform internal audits and assessments related to user access controls, segregation of duties, and compliance with policies and federal standards
- Support analysis of IAM-related anomalies, permission changes, and access patterns as part of broader security monitoring activities
- Draft documentation to detail potential risks associated with known security issues within the environment
- Develop and maintain Standard Operating Procedures (SOPs) related to security tasking
- Coordinate and collaborate with technical subject matter experts (SMEs) to ensure technical and operational security controls are operating as expected
Requirements:
- Audit Support
- Role Based Access Control (RBAC)
- Security Documentation
- Segregation of Duties
- 0 + years of related experience
- Ability to pass CMS background check and meet the residency requirement for having resided in the US at least (3) three out of the last (5) five years
- Bachelor's degree in Information Security, Information Technology, or equivalent years of related information security experience
- General knowledge of identity and access management, role- and attribute-based access controls (RBAC/ABAC), segregation of duties, least privilege, privilege escalation, etc
- Knowledge of general computing technologies (e.g., Windows Server, Linux, databases, scripting languages, etc.)
- General experience with analysis of security or information technology issues
- Experience supporting CMS systems (e.g., HIGLAS, EUA) or similar federal IAM environments
- Relevant, entry-level IT or security certifications, such as Security+ CE
- Knowledge of Splunk for conducting investigations and analysis
- Knowledge of Oracle Identity Management (OIM) / HIGLAS Identity Management (HIDM)
- Knowledge of CMS security guidelines and technology requirements
- Strong analytical, communication, written, and verbal skills with the ability and comfort level to conduct presentations for existing customer audiences