Cyber Security Incident Response Analyst - TS/SCI w/ Polygraph

Seize your opportunity to make a personal impact as a Cyber Security Incident Response Analyst supporting customer activities. GDIT is your place to make meaningful contributions to challenging projects and grow a rewarding career.

At GDIT, people are our differentiator. As a Cyber Security Incident Response Analyst, you will help ensure today is safe and tomorrow is smarter. Our work depends on a Cyber Security Incident Response Analyst joining our highly skilled team to be a premier provider of cyber security services to the customer. We have responsibility to ensure operational IT capabilities provide the client with necessary timeliness, accuracy and security of information demanded from all our highly professional roles. Be the change, lead our change – join us!

HOW A CYBER SECURITY INCIDENT RESPONSE ANALYST WILL MAKE AN IMPACT

• Collect intrusion artifacts and use discovered data to enable mitigation of potential cyber defense incidents within the enterprise.

• Coordinate and provide expert technical support to enterprise-wide cyber defense technicians to resolve cyber defense incidents.

• Coordinate incident response functions within a cloud environment.

• Monitor external data sources to maintain currency of cyber defense threat conditions and determine which security issues may have an impact on the enterprise.

• Perform cyber defense trend analysis and reporting.

• Perform initial, forensically sound collection of images and inspect to discern possible mitigation/remediation on enterprise systems.

• Receive and analyze network alerts from various sources within the enterprise and determine possible causes of such alerts.

• Write and publish after-action reviews.

• Write and publish cyber defense techniques, guidance, and reports on incident findings to appropriate constituencies.

OTHER REQUIREMENTS:

• Skill in preserving evidence integrity according to standard operating procedures or national standards.

• Knowledge of intrusion detection methodologies and techniques for detecting host and network-based intrusions.

• Knowledge of cyber defense and information security policies, procedures, and regulations.

• Skill in protecting a network against malware. 

• Knowledge of incident categories, incident responses, and timelines for responses.

• Knowledge of incident response and handling methodologies.

• Skill in performing damage assessments.

• Knowledge of network security architecture concepts including topology, protocols, components, and principles 

• Skill in securing network communications.

• Skill in using security event correlation tools.

• Knowledge of network services and protocols interactions that provide network communications.

• Knowledge of cloud service models and how those models can limit incident response.

• Knowledge of network protocols such as TCP/IP, Dynamic Host Configuration, Domain Name System (DNS), and directory services.

• Knowledge of system administration, network, and operating system hardening techniques.

• Knowledge of different classes of attacks 

• Knowledge of cyber attackers

• Knowledge of cyber attack stages

• Knowledge of malware analysis concepts and methodologies.

• Skill of identifying, capturing, containing, and reporting malware.

• Knowledge of system and application security threats and vulnerabilities

• Knowledge of what constitutes a network attack and a network attack’s relationship to both threats and vulnerabilities.

• Skill in recognizing and categorizing types of vulnerabilities and associated attacks.

WHAT YOU’LL NEED TO SUCCEED:

• Location: McLean, VA

• Core Hours: 9:00 am – 5:00 pm; some flexibility

• Education: Bachelor's Degree (Computer Engineering, Computer Science, Electrical Engineering, Information Systems, Information Technology, Cybersecurity, or a closely related discipline)

• Required Experience: 8+ years with a minimum of 3 years experience in Incident Response and/or Computer Forensic Analyst positions

• Clearance: TS/SCI with Polygraph

• Certifications: Must meet 8570.01-M baseline certification requirement for Information Assurances Technical (IAT) Level III CASP+CE, CCNP Security, CISA, or CISSP or Associate, GCED, GCIH, or CCSP.

#WeAreGDIT
#JET
#VA_2026Alumni