Performing Enterprise Defense Countermeasure (DC) activities and coordination with other government agencies to record and prepare incident reports and analysis methodology and results.
Monitoring and analyzing signature alerts from Intrusion Detection/Prevention Systems (IDS/IPS) for false positives.
Providing technical enforcement of organizational security policies.
Providing “tune-or-drop” recommendations towards the DC team’s Signature Lifecycle Review procedure.
Providing insight to Detection and Response teams on signature functionality and providing signature tuning as needed.
Providing guidance and work leadership to less-experienced staff.
Communicating with customers and teammates clearly and concisely.
Maintaining current knowledge of relevant technology as assigned; may have supervisory responsibilities.
Participating in special projects as required.
May serve as a technical team or task leader.
Position may require evening, weekend or shift-work (depending on operational tempo).
Experience with Perl Compatible Regular Expressions (PCRE)
Experience authoring Yara rules
Experience authoring Snort signatures
About Our Work
We are GDIT. The people supporting some of the most complex government, defense, and intelligence projects across the country. We deliver. Bringing the expertise needed to understand and advance critical missions. We transform. Shifting the ways clients invest in, integrate, and innovate technology solutions. We ensure today is safe and tomorrow is smarter. We are there. On the ground, beside our clients, in the lab, and everywhere in between. Offering the technology transformations, strategy, and mission services needed to get the job done.
GDIT does not have a vaccination mandate applicable to all employees. To protect the health and safety of its employees and to comply with customer requirements, however, GDIT may require employees in certain positions to be fully vaccinated against COVID-19. Vaccination requirements will depend on the status of the federal contractor mandate and customer site requirements.
GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.