The Information Assurance Analyst is primarily responsible for incident handling, incident response, intrusion analysis, threat hunting, digital forensic analysis, vulnerability scanning, Data Loss Prevention (DLP).
Tracks and handles cyber security incidents/events from initial detection to final resolution; coordinates with appropriate parties to investigate and maintain communications.
Collaborates with specialty teams to investigate and resolve complex problems.
Troubleshoots security tools on the network to ensure successful operation, compatibility with other applications, and minimal impact to the users.
Ensures ACAS vulnerability scanning mechanisms are operational and providing relevant results to the vulnerability management and admin teams.
Performs Information Systems Security Officer (ISSO) duties, and acts as the POC between parent organization and cyber security teams.
Conducts change requests, software authorizations, static code analysis, account reviews, and other Assessment & Authorization (A&A) tasks as required.
Acts as a central point of contact for all inquiries potentially regarding cyber security, and if necessary, redirects to the appropriate entities.
Within 6 months of hire – CSSP Incident Responder (IR): CEH, CFR, CCNA Cyber Ops, CCNA-Security, CHFI, CySA+, GCFA, GCIH, SCYBER
Deploy for up to 4 months at a time
Preferred certifications: GCIH, GCFA, GCIA, GNFA, Linux+, CCNA R&S, Splunk Power User
Critical Soft Skills
Strong desire to learn new skills, techniques, tactics, and procedures to improve knowledge and existing processes
Must be able to multi-task and adapt to changing priorities in highly stressful situations
Highly resilient and motivated to investigate unfamiliar and anomalous problems in a robust OPTEMPO environment, including follow-through to complete resolution
Critical thinking skills required to apply and correlate data from multiple sources to solve complex problems
Strong ability to quickly and clearly articulate operational impacts of cyber security incidents/events to leadership
Ability to communicate efficiently and precisely to target audience, as well as build strong rapport with other teams
Critical Technical Skills
Proficient at navigating Windows 10/Server 2012/Server 2016 operating systems to perform intrusion analysis and systems maintenance
Proficient at navigating Linux: Ubuntu/RHEL 6/7/8 to facilitate cyber security engineering and systems maintenance
Basic scripting skills using Windows command-line, PowerShell, or BASH
Understanding of network ports, protocols, and services
Intrusion analysis via HBSS, Splunk or other SIEM tools, Windows Event Logging, Open Source Intelligence (OSINT) sources
Incident investigations via McAfee HBSS suite, SolarWinds, Cisco ISE, Cylance, Splunk, Phantom, StealthWatch, WireShark, ForeScout, ACAS, PowerShell, command-line tools
Build and maintain ACAS infrastructure; analyze vulnerability scan results and provide recommendations for remediation
Forensic analysis via products such as F-Response or Volatility
Experience using VMware products such as vSphere, vCenter, ESXi, vRealize
Netflow analysis via products such as Cisco StealthWatch or HBSS
Packet capture and analysis via products such as WireShark, tshark, tcpdump
Verify system or software compliance via products such as ForeScout
Analyze system events via SysInternals suite
Identify systems connected to the network via Cisco iOS commands and Identity Services Engine (ISE)
Understanding of the Risk Management Framework (RMF) and Assessment & Authorization (A&A) processes
Experience with Continuous Integration / Continuous Deployment (CI/CD) processes using GitLab, SonaType, application static code analysis with SonarQube
About Our Work
We are GDIT. The people supporting some of the most complex government, defense, and intelligence projects across the country. We deliver. Bringing the expertise needed to understand and advance critical missions. We transform. Shifting the ways clients invest in, integrate, and innovate technology solutions. We ensure today is safe and tomorrow is smarter. We are there. On the ground, beside our clients, in the lab, and everywhere in between. Offering the technology transformations, strategy, and mission services needed to get the job done.
GDIT does not have a vaccination mandate applicable to all employees. To protect the health and safety of its employees and to comply with customer requirements, however, GDIT may require employees in certain positions to be fully vaccinated against COVID-19. Vaccination requirements will depend on the status of the federal contractor mandate and customer site requirements.
GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.