We are looking for a Security Subject Matter Expert/Lead that will support the incident detection and response. This role leads and further develops a team of analysts responsible for 24x7x365 monitoring of threats, as well as the tools and processes that support the core mission of defending the organization against cyber-threats. This position requires ability to work independently as well as within groups. Sensitivity to accuracy, timeliness, and professionalism in all areas of support activity is imperative.
Contract requires US Citizenship and an active Secret Clearance.
Lead and manage Security Operations Center
In-depth knowledge of security concepts such as cyber-attacks and techniques, threat vectors, risk management, incident management etc.
Experience in threat management
Knowledge of various operating system flavors including but not limited to Windows, Linux, Unix
Knowledge of applications, databases, middleware to address security threats against the same.
Proficient in preparation of reports, dashboards and documentation
Excellent communication and leadership skills. Good Analytical skills, Problem solving and Interpersonal skills.
Working knowledge and experience with MS office with proficiency in Excel
ArcSight and multi-vendor IDS/IPS experience is a MUST
Primarily responsible for security event monitoring, management and response
Ensure incident identification, assessment, quantification, reporting, communication, mitigation and monitoring
Ensure compliance to SLA, process adherence and process improvisation to achieve operational objectives
Revise and develop processes to strengthen the current Security Operations Framework, Review policies and highlight the challenges in managing SLAs
Responsible for team & vendor management, overall use of resources and initiation of corrective action where required for Security Operations Center
Management, administration & maintenance of security devices under the purview of ITRC which consists of state-of-the art technologies
Perform threat management, threat modeling, identify threat vectors and develop use cases for security monitoring
Responsible for integration of standard and non-standard logs in SIEM
Creation of reports, dashboards, metrics for SOC operations and presentation to Sr. Mgmt.
Co-ordination with stakeholders, build and maintain positive working relationships with them PERL or other scripting and automation skills
In-depth understanding of ports, protocols, and network traffic analysis as it relates to network security.
Experience using troubleshooting technique including but not limited to; network sniffers, syslog, and the Firewall capture command.
Understanding of information security principles as it relates to systems and network security
Create formal documentation for systems administration, operations, and maintenance
Understanding of formal processes for change and release management
Understanding of federal contracting environment with the ability to lead and direct the security operations center staff
Ability to create repeatable processes, escalation instructions and work scripts as needed for shift agents.
Ability to utilize Campus tool sets such as ServiceNow ITSM, P-NET, EMS, and secure protocols in daily operations and maintenance environment
8-10 years of IT experience with minimum 6 years of experience as a firewall or network security engineer
At least on of the following certification is required (two or more are preferred):
ACSA, CCNP, CCSP, MSCE, CISSP GCFW or other GIAC certifications
ITIL V3 Foundation.
This program requires 24X7X365 operational support. Normal business hours are from 6:00 AM – 6 PM and you may be asked to support early morning or late afternoon shifts. This position requires after hours on call support availability as a tier 3 SME.
WORKING CONDITIONS: Standard business work environment on a customer site.
Ability and flexibility to work on a varied shift rotation can be expected.
The work is typically performed in an office environment, which requires normal safety precautions; work may require some physical effort in the handling of light materials, boxes or equipment.
Must be able to lift and carry at least 30-50 lbs.
Office attire required at all times.
Public transportation access only; parking on site is limited.
Site location is the DHS St. Elizabeths Campus, Washington, DC
*Applicant Must Hold a Current Secret Clearance in order to be considered for this position.* Applicant selected will be subject to a government security investigation and must meet eligibility requirements for access to classified information.
We are GDIT. The people supporting some of the most complex government, defense, and intelligence projects across the country. We deliver. Bringing the expertise needed to understand and advance critical missions. We transform. Shifting the ways clients invest in, integrate, and innovate technology solutions. We ensure today is safe and tomorrow is smarter. We are there. On the ground, beside our clients, in the lab, and everywhere in between. Offering the technology transformations, strategy, and mission services needed to get the job done.
GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.