United States of America
18 hours ago
Azure Cybersecurity Analyst

GDIT is seeking an Azure Cybersecurity Analyst to implement, manage, and continuously improve security operations for a FedRAMP Moderate and HIPAA-compliant Azure environment. This hands-on role works closely with the Cybersecurity Architect and Healthcare Enterprise Architect to operationalize the security architecture, perform monitoring and remediation, and maintain compliance through active defense and control validation.

The Azure Cybersecurity Analyst will be responsible for daily security monitoring, vulnerability remediation, POA&M management, and network protection activities using Microsoft Sentinel, Defender, Purview, and Azure Firewall to protect mission-critical healthcare systems and data.

This role is fully remote!

Responsibilities

Security Operations & Monitoring

Operate and maintain Microsoft Sentinel for SIEM/SOAR, including rule tuning, analytics, and incident response playbooks.

Monitor and respond to alerts from Defender for Cloud, Defender for Endpoint, and Defender for Identity, ensuring timely containment and remediation.

Conduct continuous security posture assessment, monitoring compliance drift against FedRAMP controls.

Correlate and investigate security events using Sentinel, Defender, and Azure Monitor logs.

Vulnerability & Remediation Management

Execute vulnerability scanning, remediation, and patch validation using Defender and integrated tools.

Track and manage Plan of Action & Milestones (POA&M) items, ensuring timely closure and evidence documentation.

Collaborate with development and infrastructure teams to remediate vulnerabilities in VMs, containers, applications, and data pipelines.

Perform root-cause analysis and implement preventive measures to reduce recurring findings.

Network & Infrastructure Security

Configure, monitor, and maintain Azure Firewall, Network Security Groups (NSGs), Private Endpoints, and Application Gateway WAF for boundary protection.

Implement and maintain network segmentation, Zero Trust access, and secure routing between environments.

Review and optimize firewall rules and network security policies for least privilege and compliance alignment.

Governance, Compliance, and Automation

Support the Cybersecurity Architect in evidence gathering for FedRAMP and HIPAA control validation.

Enforce Azure Policy, Defender recommendations, and Purview governance rules for compliance.

Automate recurring security tasks via PowerShell, Logic Apps, or Azure Automation Runbooks.

Maintain documentation, including SOPs, security baselines, and incident response procedures.

Required Qualifications

Bachelor’s degree and 3+ years of hands-on experience as an Azure Security Engineer, Administrator, or SOC Analyst (additional years of experience may be accepted in lieu of a degree)

Deep experience with Microsoft Sentinel, Defender for Cloud, Defender for Endpoint, and Azure Firewall

Proven experience managing POA&M processes, vulnerability scanning, and remediation tracking

Strong understanding of Azure networking, NSGs, private endpoints, and firewall rulesets

Familiarity with FedRAMP, HIPAA, and NIST 800-53 frameworks

Understanding of Zero Trust architecture and access controls

Preferred Qualifications

Microsoft Certified: Azure Security Engineer Associate (strongly preferred)

Microsoft Certified: Cybersecurity Architect Expert or Azure Administrator Associate

CompTIA Security+, CISSP, or CCSP certification

Experience with Microsoft Purview (DLP, Information Protection, Insider Risk)

Experience integrating Sentinel with Logic Apps or Azure Automation for SOAR response

Familiarity with Terraform, Bicep, or ARM templates for secure configuration automation

Background in healthcare or federal security operations

#GDITFedHealthJobs
