The Technical Shared Services Group is looking for an Analyst who will perform fusion analysis for our customers in security operations centers. The ideal candidate will:
Work with and be familiar with larger nation state threat actor groups
Detect nation state threat actor techniques, tactics, and procedures (TTPs)
Have the ability to perform all-source analysis (taking open source reporting, classified reporting, as well as technical malware reports and tying activity together)
Have a solid understanding of network traffic / standard protocols (ex. HTTP, SMTP, DNS)
Work with malware, performing static and dynamic malware analysis
Create formal reporting products
Have a passion for security related work
Work in an intel environment, having previously worked in a SOC/NOC as either an incident responder or intrusion detection analyst
Perform threat hunting
Communicate alerts to agencies regarding intrusions and compromises to their network infrastructure, applications and operating systems
Provide incident response and/or detection.
BS and 10 years of related experience, or relevant experience.
Technical certifications such as CISSP, CEH or other cert.
Have a certification: IAT II (SEC+) and CND-IR (CEH, GCIH) preferred, DoD 8570 compliant
Experience with network traffic / standard protocols (ex. HTTP, SMTP, DNS) or past threat experience
Experience with analysis of malware.
Experience with either ThreatConnect, VMRay, Splunk or a similar tool
Experience with nation state threat actor techniques, tactics, and procedures (TTPs) with the ability to hunt threat actors on an internal network
Experience with source analysis (taking open source reporting, classified reporting, as well as technical malware reports and tying activity together)
Experience with writing YARA signatures and implementing them in a Security Onion sensor grid
Previous work in a SOC/NOC as either an incident responder or intrusion detection analyst
Experience utilizing VirusTotal Intelligence to perform retrospective hunting analysis
Previous experience leading a team of threat hunters
We are GDIT. The people supporting some of the most complex government, defense, and intelligence projects across the country. We deliver. Bringing the expertise needed to understand and advance critical missions. We transform. Shifting the ways clients invest in, integrate, and innovate technology solutions. We ensure today is safe and tomorrow is smarter. We are there. On the ground, beside our clients, in the lab, and everywhere in between. Offering the technology transformations, strategy, and mission services needed to get the job done.
GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.