Azure Cybersecurity Analyst

Responsibilities for this Position

Location: Any Location / Remote
Full Part/Time: Full time
Job Req: RQ209143

Type of Requisition:
Regular

Clearance Level Must Currently Possess:
None

Clearance Level Must Be Able to Obtain:
None

Public Trust/Other Required:
MBI (T2)

Job Family:
Cyber and IT Risk Management

Job Qualifications:

Skills:
Microsoft Azure Sentinel, Microsoft Defender for Cloud, Network Security, Security Information and Event Management (SIEM), Security Operations Monitoring
Certifications:
None
Experience:
3 + years of related experience
US Citizenship Required:
No

Job Description:

GDIT is seeking an Azure Cybersecurity Analyst to implement, manage, and continuously improve security operations for a FedRAMP Moderate and HIPAA-compliant Azure environment. This hands-on role works closely with the Cybersecurity Architect and Healthcare Enterprise Architect to operationalize the security architecture, perform monitoring and remediation, and maintain compliance through active defense and control validation.

The Azure Cybersecurity Analyst will be responsible for daily security monitoring, vulnerability remediation, POA&M management, and network protection activities using Microsoft Sentinel, Defender, Purview, and Azure Firewall to protect mission-critical healthcare systems and data.

This role is fully remote!

Responsibilities

Security Operations & Monitoring

• Operate and maintain Microsoft Sentinel for SIEM/SOAR, including rule tuning, analytics, and incident response playbooks.
• Monitor and respond to alerts from Defender for Cloud, Defender for Endpoint, and Defender for Identity, ensuring timely containment and remediation.
• Conduct continuous security posture assessment, monitoring compliance drift against FedRAMP controls.
• Correlate and investigate security events using Sentinel, Defender, and Azure Monitor logs.

Vulnerability & Remediation Management

• Execute vulnerability scanning, remediation, and patch validation using Defender and integrated tools.
• Track and manage Plan of Action & Milestones (POA&M) items, ensuring timely closure and evidence documentation.
• Collaborate with development and infrastructure teams to remediate vulnerabilities in VMs, containers, applications, and data pipelines.
• Perform root-cause analysis and implement preventive measures to reduce recurring findings.

Network & Infrastructure Security

• Configure, monitor, and maintain Azure Firewall, Network Security Groups (NSGs), Private Endpoints, and Application Gateway WAF for boundary protection.
• Implement and maintain network segmentation, Zero Trust access, and secure routing between environments.
• Review and optimize firewall rules and network security policies for least privilege and compliance alignment.

Governance, Compliance, and Automation

• Support the Cybersecurity Architect in evidence gathering for FedRAMP and HIPAA control validation.
• Enforce Azure Policy, Defender recommendations, and Purview governance rules for compliance.
• Automate recurring security tasks via PowerShell, Logic Apps, or Azure Automation Runbooks.
• Maintain documentation, including SOPs, security baselines, and incident response procedures.

Required Qualifications

• Bachelor's degree and 3+ years of hands-on experience as an Azure Security Engineer, Administrator, or SOC Analyst (additional years of experience can be in lieu of a degree)
• Deep experience with Microsoft Sentinel, Defender for Cloud, Defender for Endpoint, and Azure Firewall
• Proven experience managing POA&M processes, vulnerability scanning, and remediation tracking
• Strong understanding of Azure networking, NSGs, private endpoints, and firewall rulesets
• Familiarity with FedRAMP, HIPAA, and NIST 800-53 frameworks
• Understanding of Zero Trust architecture and access controls

Preferred Qualifications

• Microsoft Certified: Azure Security Engineer Associate (strongly preferred)
• Microsoft Certified: Cybersecurity Architect Expert or Azure Administrator Associate
• CompTIA Security+, CISSP, or CCSP certification
• Experience with Microsoft Purview (DLP, Information Protection, Insider Risk)
• Experience integrating Sentinel with Logic Apps or Azure Automation for SOAR response
• Familiarity with Terraform, Bicep, or ARM templates for secure configuration automation
• Background in healthcare or federal security operations

#GDITFedHealthJobs

The likely salary range for this position is $74,800 - $101,200. This is not, however, a guarantee of compensation or salary. Rather, salary will be set based on experience, geographic location and possibly contractual requirements and could fall outside of this range.

Scheduled Weekly Hours:
40

Travel Required:
Less than 10%

Telecommuting Options:
Remote

Work Location:
Any Location / Remote

Additional Work Locations:

Total Rewards at GDIT:
Our benefits package for all US-based employees includes a variety of medical plan options, some with Health Savings Accounts, dental plan options, a vision plan, and a 401(k) plan offering the ability to contribute both pre and post-tax dollars up to the IRS annual limits and receive a company match. To encourage work/life balance, GDIT offers employees full flex work weeks where possible and a variety of paid time off plans, including vacation, sick and personal time, holidays, paid parental, military, bereavement and jury duty leave. GDIT typically provides new employees with 15 days of paid leave per calendar year to be used for vacations, personal business, and illness and an additional 10 paid holidays per year. Paid leave and paid holidays are prorated based on the employee's date of hire. The GDIT Paid Family Leave program provides a total of up to 160 hours of paid leave in a rolling 12 month period for eligible employees. To ensure our employees are able to protect their income, other offerings such as short and long-term disability benefits, life, accidental death and dismemberment, personal accident, critical illness and business travel and accident insurance are provided or available. We regularly review our Total Rewards package to ensure our offerings are competitive and reflect what our employees have told us they value most.

We are GDIT. A global technology and professional services company that delivers consulting, technology and mission services to every major agency across the U.S. government, defense and intelligence community. Our 30,000 experts extract the power of technology to create immediate value and deliver solutions at the edge of innovation. We operate across 50 countries worldwide, offering leading capabilities in digital modernization, AI/ML, Cloud, Cyber and application development. Together with our clients, we strive to create a safer, smarter world by harnessing the power of deep expertise and advanced technology.

Join our Talent Community to stay up to date on our career opportunities and events at
gdit.com/tc .

Equal Opportunity Employer / Individuals with Disabilities / Protected Veterans

PI279379797

GDIT is seeking an Azure Cybersecurity Analyst to implement, manage, and continuously improve security operations for a FedRAMP Moderate and HIPAA-compliant Azure environment. This hands-on role works closely with the Cybersecurity Architect and Healthcare Enterprise Architect to operationalize the security architecture, perform monitoring and remediation, and maintain compliance through active defense and control validation.


The Azure Cybersecurity Analyst will be responsible for daily security monitoring, vulnerability remediation, POA&M management, and network protection activities using Microsoft Sentinel, Defender, Purview, and Azure Firewall to protect mission-critical healthcare systems and data.



This role is fully remote!



Responsibilities


Security Operations & Monitoring

• Operate and maintain Microsoft Sentinel for SIEM/SOAR, including rule tuning, analytics, and incident response playbooks.
• Monitor and respond to alerts from Defender for Cloud, Defender for Endpoint, and Defender for Identity, ensuring timely containment and remediation.
• Conduct continuous security posture assessment, monitoring compliance drift against FedRAMP controls.
• Correlate and investigate security events using Sentinel, Defender, and Azure Monitor logs.

Vulnerability & Remediation Management

• Execute vulnerability scanning, remediation, and patch validation using Defender and integrated tools.
• Track and manage Plan of Action & Milestones (POA&M) items, ensuring timely closure and evidence documentation.
• Collaborate with development and infrastructure teams to remediate vulnerabilities in VMs, containers, applications, and data pipelines.
• Perform root-cause analysis and implement preventive measures to reduce recurring findings.

Network & Infrastructure Security

• Configure, monitor, and maintain Azure Firewall, Network Security Groups (NSGs), Private Endpoints, and Application Gateway WAF for boundary protection.
• Implement and maintain network segmentation, Zero Trust access, and secure routing between environments.
• Review and optimize firewall rules and network security policies for least privilege and compliance alignment.

Governance, Compliance, and Automation

• Support the Cybersecurity Architect in evidence gathering for FedRAMP and HIPAA control validation.
• Enforce Azure Policy, Defender recommendations, and Purview governance rules for compliance.
• Automate recurring security tasks via PowerShell, Logic Apps, or Azure Automation Runbooks.
• Maintain documentation, including SOPs, security baselines, and incident response procedures.

Required Qualifications

• Bachelor's degree and 3+ years of hands-on experience as an Azure Security Engineer, Administrator, or SOC Analyst (additional years of experience can be in lieu of a degree)
• Deep experience with Microsoft Sentinel, Defender for Cloud, Defender for Endpoint, and Azure Firewall
• Proven experience managing POA&M processes, vulnerability scanning, and remediation tracking
• Strong understanding of Azure networking, NSGs, private endpoints, and firewall rulesets
• Familiarity with FedRAMP, HIPAA, and NIST 800-53 frameworks
• Understanding of Zero Trust architecture and access controls

Preferred Qualifications

• Microsoft Certified: Azure Security Engineer Associate (strongly preferred)
• Microsoft Certified: Cybersecurity Architect Expert or Azure Administrator Associate
• CompTIA Security+, CISSP, or CCSP certification
• Experience with Microsoft Purview (DLP, Information Protection, Insider Risk)
• Experience integrating Sentinel with Logic Apps or Azure Automation for SOAR response
• Familiarity with Terraform, Bicep, or ARM templates for secure configuration automation
• Background in healthcare or federal security operations