Cyber Security Analyst Tier III

As a member of the Security Operations Center (SOC) team, in support of the Virginia Information Technology Agency (VITA), a Cyber Security Analyst (Tier III) will be responsible for performing investigation and escalation of security alerts triaged by Tier I and Tier II analysts and others that enter the SOC from network and security systems/applications, the client, and/or from intelligence sources. The position may also require an Analyst to monitor and utilize third party toolsets in the client environment.

RESPONSIBILITIES:

• Provide expertise with Indicators of Compromise (IOCs), Tactics, Techniques, and Procedures (TTPs), Threat Hunting/Intelligence, and customer facing escalations, containment/remediation activities.
• Provide technical support on event network security logs and trend analysis.
• Detect the full spectrum of known cyberattacks (e.g., DDoS, malware, phishing, others).
• Uncover and pinpoint security violations of compromised systems and devices
• Correlate security events from various capabilities to identify attacks and breaches.
• Analyze and acts on intelligence information to secure customer networks and devices
• Recognize successful and unsuccessful intrusion attempts and compromises.
• Triage security events utilizing relevant details and summary information.
• Prepare incident reports of analysis methodology and results.
• Observe, document and report actions taken by malicious actors in customer networks.
• Accurately and appropriately prioritize and escalate incidents.
• Examine malware analysis reports and other reporting from incidents to correlate similar events.
• Conduct log and system analysis for various system, and network and security devices.
• Document emerging threat intelligence and reported IOCs for security tool integrations.
• Create and update rules or signatures in security tools and applications.
• Escalate identified security incidents to the appropriate teams or POCs.
• Recommend appropriate methods of system remediation and threat mitigation, as needed.
• Maintain a current understanding of the best practices and strategies used in cyber security.
• Motivate self and co-workers to expand knowledgebase and capabilities.
• Develop lessons learned documentation, reporting, and playbooks/SOPs for response within the environment.
• Provide content engineering expertise to include analyzing, designing, developing and delivering solutions to stop adversaries.

REQUIRED QUALIFICATIONS:

You MUST have:

• Technical Training, Certification(s) or Degree
• 8 or more years of related experience
• Demonstrated Cyber Ark experience
• Demonstrated Splunk experience
• An ability to obtain certification to meet DoD IAT Level III and CSSP Analyst (DoD 8570) requirements within 6 months of starting the position: CEH, CFR, CCNA Cyber Ops, CCNA-Security, CySA+, GCIA, GCIH, GICSP, Cloud+, SCYBER, and/or PenTest+
• Ability to obtain and maintain a public trust

• Louisiana Residency, living within a reasonable commutable distance (approximately 60 miles or less) of the Bossier City facility

PREFERRED QUALIFICATIONS

Even BETTER if you have:

• 10 or more years of relevant experience
• Strong analytical, organizational and project management skills
• Ability to create and manage vulnerability management dashboards in Splunk
• Understanding of networking fundamentals, the OSI model, and TCP/IP protocols
• Knowledge of attack methods and techniques (DDoS, brute force, spoofing, etc.)
• Experience reviewing network, host and application audit logs (system, security, etc.)
• Relevant security certifications (Network+, CEH, CCNA, etc.)
• Familiarity of security standards (NIST, FISMA, Fed RAMP, DCID, CNSS and DoD 8500)
• Knowledge of cloud IT solutions and security considerations of cloud solution deployment
• Experience with any SIEM or log aggregation system, Splunk preferred

Location: On-site at GDIT's Integrated Technology Center in Bossier City, LA

GDIT IS YOUR PLACE
At GDIT, the mission is our purpose, and our people are at the center of everything we do.

● Growth: AI-powered career tool that identifies career steps and learning opportunities
● Support: An internal mobility team focused on helping you achieve your career goals
● Rewards: Comprehensive benefits and wellness packages, 401K with company match, and competitive pay and paid time off
● Flexibility: Full-flex work week to own your priorities at work and at home
● Community: Award-winning culture of innovation and a military-friendly workplace

OWN YOUR OPPORTUNITY
Explore a career in cyber at GDIT and you’ll find endless opportunities to grow alongside colleagues who share your focus on defending and protecting what matters.