Performs all procedures necessary to ensure the safety of information systems assets and to protect systems from intentional or inadvertent access or destruction. Monitor, evaluate, and maintain systems and procedures to safeguard internal information systems, network, databases, and Web-based security.
Serves as the local expert for Computer Network Defense (CND)
Receive and analyze network alerts from various sources within the enclave and determine possible causes of such alerts
McAfee HBSS Admin background to include hands-on experience with DLP
Experience troubleshooting McAfee Suite of Products to include: HIPS, DLP Endpoint, Endpoint Security, Application Control, and Policy Auditor.
Coordinate with enclave CND staff to validate network alerts
Perform analysis of log files from a variety of sources within the enclave, to include individual host logs, network traffic logs, firewall logs, and intrusion detection system logs
Notify CND managers, CND incident responders, and other team members of suspected CND incidents and articulate the event's history, status, and potential impact for further action
Familiar with Network Access Control implementation and management
Direct initial, forensically sound collection of images and inspect to discern possible mitigation/remediation on enclave systems
Coordinates with higher authorities on events that involve actual or attempted intrusions, viruses, worms, hoaxes, etc. that occur on the enclaves
Write and publish CND guidance and reports on incident findings to appropriate constituencies
Maintain knowledge of applicable CND policies, regulations, and compliance documents specifically related to CND auditing
Perform CND vulnerability assessments within the enclave utilizing ACAS and DISA STIGs
Implement and enforce CND policies and procedures reflecting applicable laws, policies, procedures, and regulations (e.g., Reference (g))
Manage the publishing of CND guidance (e.g., IAVAs and TCNOs) for the enclave constituency
Provide incident reports, summaries, and other situational awareness information to higher headquarters
Manage an incident (e.g., coordinate documentation, work efforts, resource utilization within the organization) from inception to final remediation and after action reporting
Knowledge, Skills and Abilities
8570 Certification required
ITIL v4 Foundation certification preferred
Technical Administration and in-depth experience with HBSS
Understanding of Digital/Computer Forensics techniques and procedures, experience with EnCase preferred
Previous experience in Network / Systems Administration, and/or Information Systems Security Administration
Is competent in most areas of information systems security, including policy, security standards, network, application, database and physical
Good communication skills; shows tact, effective listening skills and follow-through
May be required to provide clear and effective direction and guidance to less experienced staff
Must be able to successfully monitor systems, detect security problems and create IT solutions, including those of moderate complexity or sophistication
Ability to make recommendations on the security flaws in question
Detail oriented and organized; able to understand information systems and ensure accuracy of work
May review the work of others and be able to detect errors or needed modifications
Familiar with requirements of DoD 8570.1
BA/BS (or equivalent experience), 5+ years of experience
We are GDIT. The people supporting some of the most complex government, defense, and intelligence projects across the country. We deliver. Bringing the expertise needed to understand and advance critical missions. We transform. Shifting the ways clients invest in, integrate, and innovate technology solutions. We ensure today is safe and tomorrow is smarter. We are there. On the ground, beside our clients, in the lab, and everywhere in between. Offering the technology transformations, strategy, and mission services needed to get the job done.
GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.