Created after 9-11-2001, the Department of Homeland Security consolidated numerous agencies' data centers for central management. General Dynamics Information Technology plays a key role in the Department's IT integration strategy through its Data Center-1 program. GDIT's DC-1 program is committed to delivering an efficient, responsive, and mature data center operation through excellence in service delivery, performance, and continual service improvement.
Security Engineer responsibilities:
Provide technical expertise in security tools monitoring and assist in the content development and integration of all security tools monitoring in Splunk.
Scripting and maintenance of Splunk dashboard elements. This dashboard content must be designed to provide additional capabilities and guidance to other SOC engineers and analysts. Splunk customization is a top priority for continuous improvement of DC1 SOC incident response capabilities.
Example alerts that are to be automatically flagged by Splunk in conjunction with our existing tools are:
Accessing a malicious website from unauthorized internal sources
Unauthorized wireless hot spots and/or peer-to-peer connections
Unauthorized software installations, executions, etc.
Experience with security incident escalation and response procedures is required.
5 or more years of progressive security or other applicable technical experience is required (preferably on major government contracts involving security operations, security event forensics and/or evidence collection)
Must possess the ability to effectively collaborate with DC1 Security Operations Leadership and Management, as well as other departments and teams, to review and analyze security architecture, identifying improvements for wireless IDS, network IDS, anti-malware, centralized logging, and SIEM monitoring.
Must possess the ability to serve as a senior member in our incident response efforts, capable of guiding more junior analysts through the process of monitoring and responding to alerts detected in our tools.
Experience with multiple security monitoring tools and content development
Experience in helpdesk, systems administration, network engineering, cloud administration, and/or development
Experience with Splunk Search Language, XML dashboards, and content development and/or equivalent scripting experience
Splunk, A+, Security+, Network+, CCND, CCNA, CEH, or other systems certifications (such as Windows and Linux)
We are GDIT. The people supporting some of the most complex government, defense, and intelligence projects across the country. We deliver. Bringing the expertise needed to understand and advance critical missions. We transform. Shifting the ways clients invest in, integrate, and innovate technology solutions. We ensure today is safe and tomorrow is smarter. We are there. On the ground, beside our clients, in the lab, and everywhere in between. Offering the technology transformations, strategy, and mission services needed to get the job done.
GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.