F-35 SOC Engineer - Active Secret Required

Clearance Level: Interim Secret
Category: Information Security
Location: Arlington, Virginia

REQ#: RQ92782

Travel Required: Less than 10%
Requisition Type: Regular

Do you hold an active US government security clearance? Are you interested in work that gives you the opportunity to use your skills to solve complex problems?  Would you like to join a team that encourages ingenuity and is mission driven?  Would you like to join an organization that makes a difference for our warfighters and our citizens?

The Joint Strike Fighter (JSF) F-35 IT program support contract provides knowledge-based, information assurance and cybersecurity IT services to the F-35 Lightning II Joint Program Office (JPO). Our services include program management, enterprise performance management, enterprise architecture, implementation of emerging capabilities and requirements, life cycle management, operations & maintenance, enterprise data management, service desk support and IT training. 

We are currently seeking a SOC Engineer.

Job Duties:

Plan, implement, upgrade, or monitor security measures for the protection of computer networks and information. May ensure appropriate security controls are in place that will safeguard digital files and vital electronic infrastructure. May respond to computer security breaches and viruses. Utilize a Security Information and Event Manager (SIEM) system (e.g., Sentinel) to analyze and respond to potential threats. Builds and uses dashboards, alerts, and reports for analyzing incidents. Makes reports and presentations of findings. Utilizes multiple tools and SOC best practices to correlate information, determine the cause, and provide recommendations for mitigation. Provide network defense system implementation, installation, and configuration support to installations and forces operating in deployed environments.

Maintain a network defense test environment to evaluate new applications, signatures, rules, filters, and configurations of managed network defense systems. Follows RMF, DODI 8500 (Cybersecurity) series, and Common Criteria bodies of knowledge.  Also, analyzing the results of security scans, independent of EIMA and EIMA-provided scan data, and ensuring that appropriate System Administrators apply security patches and/or make changes to the security configuration of the system as required.

Providing scan analysis, independent of EIMA and EIMA-provided scan data, of all assets as needed to support and validate IAVM and STIG compliance. Providing status update reports detailing IAVM and STIG compliance. Addressing any vulnerability findings identified as a result of DISA Command Cyber Readiness Inspection (CCRI) assistance visits in the DISA Vulnerability Management System (VMS) according to severity level. Developing and implementing information assurance/security standards and procedures. Analyzing, designing, and developing security features for system architectures. Builds, upgrades, and maintains ACAS environments on networked and standalone systems. Uses Tenable products (SecurityCenter, Nessus, PVS, Nessus Manager, Nessus Agents) while proactively performing monthly and targeted (asset or IAVM) security scans on all networks using the latest approved Government security scanner to determine vulnerabilities.

Minimum Education Required:

  • BS or BA degree in Cybersecurity, Computer Science, Engineering or Information Technology, or relevant IT discipline.
  • ALLOWABLE SUBSTITUTION: Six (6) years of related experience or four (4) years of related experience with an AA/AS degree.
     

Minimum Experience Required:

  • Eight (8) years of experience designing and developing organizational information systems or upgrading legacy systems, employing best practices when implementing security controls within an information system including software engineering methodologies, system/security engineering principles, secure design, secure architecture, and secure coding techniques.
  • One (1) year of the foregoing total experience shall have been as a team leader or supervisor. 
  • IAT Level II certification in the Security Provision Category in accordance with DoD 8570.01-M, Information Assurance Workforce Improvement Program.
  • Experience with Azure cloud-native security tools such as Security Center and Sentinel a plus.
     

Security Clearance: Secret clearance based upon a SSBI or SSBI-PR completed within the past five years.

We are GDIT. The people supporting some of the most complex government, defense, and intelligence projects across the country. We deliver. Bringing the expertise needed to understand and advance critical missions. We transform. Shifting the ways clients invest in, integrate, and innovate technology solutions. We ensure today is safe and tomorrow is smarter. We are there. On the ground, beside our clients, in the lab, and everywhere in between. Offering the technology transformations, strategy, and mission services needed to get the job done.

GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.