Security Operations Center (SOC) Engineer (SRF 3490)

Clearance Level
None
Category
Information Security
Location
Stennis Space Center, Mississippi

REQ#: RQ63909

Travel Required: None
Public Trust: None
Requisition Type: Regular

Created after 9-11-2001, the Department of Homeland Security consolidated numerous agencies' data centers for central management. General Dynamics Information Technology plays a key role in the Department's IT integration strategy through its Data Center-1 program. GDIT's DC-1 program is committed to delivering an efficient, responsive, and mature data center operation through excellence in service delivery, performance, and continual service improvement.

Security Engineer responsibilities:

  • Provide technical expertise in security tools monitoring and assisting in the content development and integration of all security tools monitoring in Splunk.
  • Scripting and maintenance of Splunk dashboard elements. This dashboard content must be designed to provide additional capabilities, and guidance to other SOC engineers and analysts.  Splunk customization is a top priority for continuous improvement DC1 SOC incident response capabilities.
  • Example alerts that are to be automatically flagged by Splunk in conjunction with our existing tools are:

  • Accessing a malicious website from unauthorized internal sources
  • Unauthorized wireless hot spots and/or peer-to-peer connections
  • Unauthorized Software installations, executions, etc.
  • Excessive traffic inbound (live streaming, web, etc.)
  • Malware detections and/or clean ups
  • Unauthorized outbound traffic and/or connections
  • Unusual account behaviors and/or activity

Required Qualifications

  • Bachelor’s degree or equivalent
  • Experience with security incident escalation and response procedures is required.
  • 5 or more years of progressive security or other applicable technical experience is required (preferably on major government contracts involving security operations, security event forensics and/or evidence collection)
  • Must possess the ability to effectively collaborate with DC1 Security Operations Leadership and Management, as well as other departments and teams, to review and analyze security architecture, identifying improvements for wireless IDS, network IDS, anti-malware, centralized logging, and SIEM monitoring.
  • Must possess the ability to serve as a senior member in our Incident response efforts, capable of guiding more Junior Analysts through the process of monitoring and responding to alerts detected in our tools

Desired Qualifications

  • Experience with multiple security monitoring tools and content development
  • Experience in helpdesk, systems administration, network engineering, cloud administration, and/or development
  • Experience with Splunk Search Language, XML dashboards, and content development and/or equivalent scripting experience

Desired Certifications:

  • Splunk, A+, Security+, Network+, CCND, CCNA, CEH, or other systems certifications (such as Windows and Linux)

We are GDIT. The people supporting some of the most complex government, defense, and intelligence projects across the country. We deliver. Bringing the expertise needed to understand and advance critical missions. We transform. Shifting the ways clients invest in, integrate, and innovate technology solutions. We ensure today is safe and tomorrow is smarter. We are there. On the ground, beside our clients, in the lab, and everywhere in between. Offering the technology transformations, strategy, and mission services needed to get the job done.

GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.