Information Security Analyst

Clearance Level
Top Secret/SCI
Category
Information Security
Location
Fort Bragg, North Carolina

REQ#: RQ138019

Travel Required: 50-75%
Requisition Type: Regular

Job Description

The Information Assurance Analyst is primarily responsible for incident handling, incident response, intrusion analysis, threat hunting, digital forensic analysis, vulnerability scanning, Data Loss Prevention (DLP).

Tracks and handles cyber security incidents/events from initial detection to final resolution; coordinates with appropriate parties to investigate and maintain communications.

Collaborates with specialty teams to investigate and resolve complex problems.

Troubleshoots security tools on the network to ensure successful operation, compatibility with other applications, and minimal impact to the users.

Ensures ACAS vulnerability scanning mechanisms are operational and providing relevant results to the vulnerability management and admin teams.

Performs Information Systems Security Officer (ISSO) duties, and acts as the POC between parent organization and cyber security teams.

Conducts change requests, software authorizations, static code analysis, account reviews, and other Assessment & Authorization (A&A) tasks as required.

Acts as a central point of contact for all inquiries potentially regarding cyber security, and if necessary, redirects to the appropriate entities.

Requirements

  • Security Clearance:  TS/SCI
  • 8570 Certification
  • Minimum IAT II:  CCNA Security, CySA+, GICSP, GSEC, Security+ CE, SSCP
  • Within 6 months of hire – CSSP Incident Responder (IR):  CEH, CFR, CCNA Cyber Ops, CCNA-Security, CHFI, CySA+, GCFA, GCIH, SCYBER
  • Deploy for up to 4 months at a time
  • Preferred certifications:  GCIH, GCFA, GCIA, GNFA, Linux+, CCNA R&S, Splunk Power User

Critical Soft Skills

  • Strong desire to learn new skills, techniques, tactics, and procedures to improve knowledge and existing processes
  • Must be able to multi-task and adapt to changing priorities in highly stressful situations
  • Highly resilient and motivated to investigate unfamiliar and anomalous problems in a robust OPTEMPO environment, including follow-through to complete resolution
  • Critical thinking skills required to apply and correlate data from multiple sources to solve complex problems
  • Strong ability to quickly and clearly articulate operational impacts of cyber security incidents/events to leadership
  • Ability to communicate efficiently and precisely to target audience, as well as build strong rapport with other teams

Critical Technical Skills

  • Proficient at navigating Windows 10/Server 2012/Server 2016 operating systems to perform intrusion analysis and systems maintenance
  • Proficient at navigating Linux: Ubuntu/RHEL 6/7/8 to facilitate cyber security engineering and systems maintenance
  • Basic scripting skills using Windows command-line, PowerShell, or BASH
  • Understanding of network ports, protocols, and services
  • Intrusion analysis via HBSS, Splunk or other SIEM tools, Windows Event Logging, Open Source Intelligence (OSINT) sources
  • Incident investigations via McAfee HBSS suite, SolarWinds, Cisco ISE, Cylance, Splunk, Phantom, StealthWatch, WireShark, ForeScout, ACAS, PowerShell, command-line tools
  • Build and maintain ACAS infrastructure; analyze vulnerability scan results and provide recommendations for remediation

Preferred Experience

  • Forensic analysis via products such as F-Response or Volatility
  • Experience using VMware products such as vSphere, vCenter, ESXi, vRealize
  • Netflow analysis via products such as Cisco StealthWatch or HBSS
  • Packet capture and analysis via products such as WireShark, tshark, tcpdump
  • Verify system or software compliance via products such as ForeScout
  • Analyze system events via SysInternals suite
  • Identify systems connected to the network via Cisco iOS commands and Identity Services Engine (ISE)
  • Understanding of the Risk Management Framework (RMF) and Assessment & Authorization (A&A) processes
  • Experience with Continuous Integration / Continuous Deployment (CI/CD) processes using GitLab, SonaType, application static code analysis with SonarQube

About Our Work

We are GDIT. The people supporting some of the most complex government, defense, and intelligence projects across the country. We deliver. Bringing the expertise needed to understand and advance critical missions. We transform. Shifting the ways clients invest in, integrate, and innovate technology solutions. We ensure today is safe and tomorrow is smarter. We are there. On the ground, beside our clients, in the lab, and everywhere in between. Offering the technology transformations, strategy, and mission services needed to get the job done.

COVID-19 Vaccination

GDIT does not have a vaccination mandate applicable to all employees. To protect the health and safety of its employees and to comply with customer requirements, however, GDIT may require employees in certain positions to be fully vaccinated against COVID-19. Vaccination requirements will depend on the status of the federal contractor mandate and customer site requirements.

GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.

0