Today’s Cyber targets never stop moving – that’s why we never stand still. From protecting our nation’s critical infrastructure to securing the tactical edge, cybersecurity is embedded in everything we do. Amongst our numerous cyber programs, our JSP DCO program is at the forefront of GDIT’s cyber capabilities protecting one of our nation’s most important networks. JSP is undergoing a transformation as they transition to forward-leaning areas of cybersecurity. Be part of that transformation and join our mission!
The Joint Service Provider (JSP) Defense Cyber Operations Internal Defense Measures (DCO IDM) program is searching for an ADP Cyber Data Integration Manager (SIEM SME) to work at the Mark Center in Alexandria, VA.
NOTE: This is a full-time, onsite position. Due to the type of access this role entails, telecommuting is not allowed. Some travel to our Pentagon office may be required.
Within this program, the Active Detection and Prevention (ADP) Team has responsibility for the suite of cyber tools which monitor, detect, and prevent malicious activity on JSP networks. The task of the ADP Cyber Data Integration Manager is to maintain the infrastructure components of these tools (e.g. servers, appliances) and coordinate their upgrade/migration as new technology is made available. Additionally, the Manager ensures that mission-critical data integration tools (ArcSight ESM, Splunk Enterprise, Elasticsearch) are reliably receiving ingest from all appropriate sources on these networks in a timely fashion, and are correlating the data for the benefit of ADP analysts. The Manager works closely with these analysts to ensure that the data being harvested meets all current operational requirements.
Active Top Secret clearance with SCI Access Eligibility
Bachelor of Science Degree in IT-related field; additional years of experience may be considered in lieu of degree
8+ years of experience with ArcSight IDS/IPS, with 4+ years in a DoD environment
Advanced experience administering and maintaining a large enterprise ArcSight or Splunk implementation.
Troubleshoot issues with ArcSight ESM, Logger, and SmartConnectors.
Take requirements from customers and analysts and implement necessary changes and improvements to the ArcSight infrastructure.
Develop future ArcSight implementation capabilities that include a robust, resilient deployment that captures host-based as well as network-based traffic for analysis.
Incorporate storage capabilities to support DOD log retention requirements
Develop future capabilities that incorporate virtual technologies without impeding operational capabilities
Excellent verbal and written communication skills
Advanced skills in network and endpoint security data analysis
Knowledge of how to translate cyber intelligence requirements into tool-specific solutions, leveraging all capabilities within those tools
We are GDIT. The people supporting some of the most complex government, defense, and intelligence projects across the country. We deliver. Bringing the expertise needed to understand and advance critical missions. We transform. Shifting the ways clients invest in, integrate, and innovate technology solutions. We ensure today is safe and tomorrow is smarter. We are there. On the ground, beside our clients, in the lab, and everywhere in between. Offering the technology transformations, strategy, and mission services needed to get the job done.
GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.