Receive, document, and report cyber security events.
Categorize incidents and implement corresponding escalation procedures.
Communicate and coordinate incident response efforts.
Conduct daily operational update meetings for SOC staff and unscheduled situational update briefings for FAA leaders.
Analyze reports to understand threat campaign(s) techniques, lateral movements and extract indicators of compromise (IOCs).
Provide telephone, e-mail and ticket service to customers.
Reference applicable departmental and operating administration policies in work products
Access, secure and inspect local classified information processing areas.
Any other duties as requested by the Contracting Officer Representative and SOC management.
Qualities/Additional info: Incident Handler will be a part of a team that maintains twenty four (24) hours a day, seven (7) days a week, three hundred sixty five (365) days per year, incident handling capability. Incident Handler must be a proven team player with excellent oral and written communications skills. Incident Handler must be capable of working on projects independently. Frequent interaction with government client is required. Candidate must have previous experience working in a network security incident response team, such as a Security Operations Center (SOC), Computer Emergency Response Team (CERT), Computer Incident Response Team (CIRT), Computer Incident Response Center (CIRC) or Cyber Security Incident Response Center (CSIRC).
Required Education and Experience:
Bachelor's degree in Computer Science or Information systems.
Minimum six (6) years of relevant professional experience.
In addition to required education or equivalent experience;
Minimum four (4) years IT experience AND
Must have with at least one year of network security experience.
Understanding of intrusion detection systems and threat techniques. (Lateral Movement, Rootkits & Toolkits.
Experience working in a network security environment, such as a Security Operations Center (SOC), Computer Emergency Response Team (CERT), Computer Incident Response Team (CIRT), Computer Incident Response Center (CIRC) or Cyber Security Incident Response Center (CSIRC).
Experience with business process reengineering, capability maturity model, change management, or process improvement.
Exceptional writing and documentation skills.
Level of Clearance Required: Department of Defense Secret
US Citizenship Required: Yes
About Our Work
We are GDIT. The people supporting some of the most complex government, defense, and intelligence projects across the country. We deliver. Bringing the expertise needed to understand and advance critical missions. We transform. Shifting the ways clients invest in, integrate, and innovate technology solutions. We ensure today is safe and tomorrow is smarter. We are there. On the ground, beside our clients, in the lab, and everywhere in between. Offering the technology transformations, strategy, and mission services needed to get the job done.
GDIT does not have a vaccination mandate applicable to all employees. To protect the health and safety of its employees and to comply with customer requirements, however, GDIT may require employees in certain positions to be fully vaccinated against COVID-19. Vaccination requirements will depend on the status of the federal contractor mandate and customer site requirements.
GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.