Cybersecurity Analyst Sr Principal

Public Trust: NACLC (T3)

Requisition Type: Regular

Your Impact

Own your opportunity to work with the largest government agency in the nation. Make an impact by advancing the Department of Defense’s mission to keep our country safe and secure.

Job Description

CYBERSECURITY ANALYST SR PRINCIPAL

Advance your career while impacting our national security in cyber as a Cybersecurity Analyst Sr Principal at GDIT. Here, technologists have many paths to grow a meaningful career supporting cyber missions and operations across the federal government.

MEANINGFUL WORK AND PERSONAL IMPACT

As a Technical Compliance Cybersecurity Specialist, the work you’ll do at GDIT will be impactful to the mission of DLA Troop Support Medical Supply Chain. In this role, one serves as the technical authority for validating audit readiness across multiple technology domains, including identity, databases, hosting environments, application platforms, and infrastructure components. This role bridges the gap between auditors and engineering teams by translating audit control requirements into concrete technical checks and independently verifying compliance.

The individual will produce audit-ready evidence, identify gaps, lead remediation planning, and reduce the operational burden placed on subject matter experts. This position is hands-on, investigative, and deeply technical, with the ability to interpret controls and directly inspect systems, logs, configurations, and code paths to determine whether requirements are actually met.

This position requires analytical and communication skills to evaluate existing audit materials, understand requirement rationales through strategic questioning, and collaborate with teams to produce targeted audit deliverables,

• Lead/Manage/Support - Interpret audit controls from financial, security, and enterprise compliance frameworks. Map each control to the real technical mechanisms used across identity systems, databases, hosting environments, and application components. Produce authoritative guidance describing how controls are satisfied, citing actual system behavior and configuration
• Collaborate with Application Infrastructure, ICAM, Database, and Application teams to research findings. Participate in design reviews to ensure future changes remain audit-aligned
• Drive hands-on validation across multiple domains. Independently validate technical compliance for:
  • Identity & access management (OIDC/OAuth, ABAC, E-ICAM).
  • Databases (Oracle, SQL Server)
  • Infrastructure and hosting (IIS, Linux, Windows Server)
  • Application behavior (session management, authentication flows)
  • Logging, audit trails, and monitoring

• Utilize: Identity systems (OIDC/OAuth, IdPs, ABAC, ICAM concepts). Databases (Oracle, SQL Server — configuration, permissions, logging, auditing). Hosting platforms (IIS, Windows Server, Linux). Application architectures (authentication flows, API patterns, session handling). Infrastructure components (load balancers, proxies, certificates, network basics).

WHAT YOU’LL NEED TO SUCCEED

The Technical Compliance Cybersecurity Specialist must have:

● Security clearance level: Minimum active Top Secret (SSBI or Tier 5) clearance
● Education: High School Diploma (degree preferred)

● Certifications: Must have ONE of the following:

• Certified Information Systems Auditor (CISA)
• Certified Information Systems Security Professional (CISSP)
• CompTIA Cybersecurity Analyst (CySA+)

● Experience: 8+ years of related experience
● Technical Skills:

• Identity systems (OIDC/OAuth, IdPs, ABAC, ICAM concepts).
• Databases (Oracle, SQL Server — configuration, permissions, logging, auditing).
• Hosting platforms (IIS, Windows Server, Linux).
• Application architectures (authentication flows, API patterns, session handling).
• Infrastructure components (load balancers, proxies, certificates, network basics).

● Skills & Abilities:

• Experience interpreting and validating technical security and financial audit controls.
• Familiarity with DoD audit expectations, evidence requirements, and RFI workflows.
• Understanding of STIGs, RMF controls, and enterprise compliance frameworks.
• Ability to inspect configurations directly, run commands/queries, read logs, and trace system behavior.
• Strong diagnostic skills to independently assess compliance.
• Strong written communication for producing audit responses and evidence packages.
• Clear reasoning, assertive communication style, and comfort defending technical positions.

GDIT IS YOUR PLACE

At GDIT, the mission is our purpose, and our people are at the center of everything we do.
● Growth: AI-powered career tool that identifies career steps and learning opportunities
● Support: An internal mobility team focused on helping you achieve your career goals
● Rewards: Comprehensive benefits and wellness packages, 401K with company match, and competitive pay and paid time off
● Flexibility: This is a Hybrid position that requires the successful candidate to be on-site at our client facility in Northeast Philadelphia Wednesday of each week . The other 4 days are teleworking days. This could soon change to 2 days on-site if directed by the government.

● Community: Award-winning culture of innovation and a military-friendly workplace
OWN YOUR OPPORTUNITY
Explore a career in cyber at GDIT and you’ll find endless opportunities to grow alongside colleagues who share your focus on defending and protecting what matters.

Work Requirements

Years of Experience

8 + years of related experience

* may vary based on technical training, certification(s), or degree

Certification

CompTIA SecurityX CE | CompTIA - CompTIA

Travel Required

None

Citizenship

U.S. Citizenship Required