General Dynamics Information Technology (GDIT) has an immediate requirement for an Incident Response Specialist to join our federal client's cybersecurity team. The successful candidate will experience an unparalleled large-scale enterprise environment with over 800 Information Technology systems, supporting billions of dollars in annual revenue and a diverse user base spread across the entire US.
Responsibilities:
Collaborate on and lead the response actions for cybersecurity incidents in a large-scale cloud-based enterprise environment.
Follow Advanced Persistent Threat (APT) procedures and systems to respond to complex threat behaviors or indications requiring experts to hunt and characterize APTs.
Plan and execute incident response actions in a timely manner.
Collaborate with threat management/detection specialists and other cybersecurity SMEs to respond to security incidents.
Effectively collaborate with colleagues and counterparts internally and externally.
Recognize potential, successful, and unsuccessful intrusion attempts and compromises, and perform careful reviews and analyses of relevant event detail and summary information.
Experience managing cases with enterprise SIEM systems like ArcSight, Splunk or Sourcefire.
Please Note: We can only accept US citizens and/or Green Card Holders. The security clearance for this program requires the selected candidate to have resided in the US for the past five years and not have left the country for more than 180 cumulative days.
Bachelor's Degree in Computer Science, Information Technology or a Cybersecurity-related field.
Strong knowledge and hands-on experience responding to incidents and threats in a Microsoft Office 365 and Azure/cloud-based environment is a must. Be ready to discuss best practices, lessons learned, and challenges.
Must have experience in setting up, tuning, documenting SOPs and responding to the Cloud environment, establishing monitoring and the implemented security controls.
Experience with Threat Protection, Exchange Online Protection, Azure Information Protection, and Enterprise Mobility.
Background in testing and utilizing tools to specifically review Office 365 alerts.
Demonstrable experience with Security Operation tools inclusive of products from Splunk, FireEye, Looking Glass, Intel, Endgame, StealthWatch, RSA, Tanium.
We are GDIT. The people supporting some of the most complex government, defense, and intelligence projects across the country. We deliver. Bringing the expertise needed to understand and advance critical missions. We transform. Shifting the ways clients invest in, integrate, and innovate technology solutions. We ensure today is safe and tomorrow is smarter. We are there. On the ground, beside our clients, in the lab, and everywhere in between. Offering the technology transformations, strategy, and mission services needed to get the job done.
GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.