We are GDIT. We stay at the forefront of innovation to solve complex technical challenges.
GDIT is your place. Make it your own by discovering new ways to apply the latest technology securely and expertly. Own your opportunity at GDIT and you’ll be a meaningful part of improving how agencies operate. Our work depends on a experienced Cyber Defense Analyst’s joining our team to support our Client’s activities in the Annapolis Junction area.
At GDIT, we foster a people-centric environment. As a Cyber Defense Analyst supporting our client, you will be trusted to work on very centric and cutting-edge technology. In this role, a typical day will include but not limited to:
Use cyber defense tools to monitor, detect, analyze, categorize, and perform initial triage of anomalous activity
Generate cybersecurity cases (including event’s history, status, and potential impact for further action) and route as appropriate
Leverage knowledge of commonly used network protocols and detection methods to defend against related abuses
Apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation)
Perform advanced manual analysis to hunt previously unidentified threats
Conduct PCAP analysis
Identify cyber-attack phases based on knowledge of common attack vectors and network layers, models and protocols
Apply techniques for detecting host- and network-based intrusions
Working knowledge of enterprise-level network intrusion detection/prevention systems and firewall capabilities
Understand the foundations of a hardened windows network and what native services and protocols are subject to abuse (such as RDP, Kerberos, NTLM, WMI, and SMB)
Familiarity with fragmentation of network traffic and how to detect and evaluate fragmentation related attacks in raw packet captures
Conduct network – traffic, protocol and packet-level – and netflow analysis for anomalous values that may be security-relevant using appropriate tools (such as Wireshark, tshark, tcpdump)
Understand snort filters and how they are crafted and tuned to feed IDS alerting
Understand system and application security threats and vulnerabilities to include buffer overflow, SQL injection, race conditions, covert channel, replay and return-oriented attacks, malicious code and malicious scripting
Analyze malicious activity to determine weaknesses exploited, exploitation methods, effects on system and information
Perform event correlation using information gathered from a variety of sources within the enterprise to gain situational awareness and determine the effectiveness of an observed attack
Familiar with indications of Command and Control (C2) channels and what strategies attackers use to bypass enterprise defenses from a compromised host
WHAT YOU’LL NEED:
Four (4) years of demonstrated experience as CDA in programs and contracts of similar scope, type, and complexity required. A technical bachelor's degree from an accredited college or university may be substituted for two (2) years of CDA experience on projects of similar scope, type, and complexity
One (1) year of demonstrated and practical experience in TCP/IP fundamentals. (U) One (1) year of demonstrated experience with tcpdump or Wireshark
Two (2) years of demonstrated experience using security information and event management suites (such as Splunk, ArcSight, Kibana, LogRhythm)
Two (2) years of demonstrated experience in network analysis and threat analysis software utilization
Requires DoD 8570 compliance with CSSP Analyst baseline certification, Information Assurance Technical (IAT) Level I or Level II certification, and Computing Environment (CE) certification
Requires successful completion of the Splunk software training course "Fundamentals 1"
Two (2) years of demonstrated experience maintaining or managing Cloud environments such as Microsoft Azure, Amazon Web Services (AWS), using tools like Microsoft Sentinel
WHAT GDIT CAN OFFER YOU:
Full-flex work week
401K with company match
Customizable health benefits packages
Collaborative teams of highly motivated critical thinkers and innovators
Internal mobility team dedicated to helping you own your career
Rewards program for high-performing employees
Not sure this job’s the one for you? Check out our other openings at gdit.com/careers.
Do you have a friend or colleague this posting describes? Let them know about the opportunity by clicking “Share.”
About Our Work
We are GDIT. The people supporting some of the most complex government, defense, and intelligence projects across the country. We deliver. Bringing the expertise needed to understand and advance critical missions. We transform. Shifting the ways clients invest in, integrate, and innovate technology solutions. We ensure today is safe and tomorrow is smarter. We are there. On the ground, beside our clients, in the lab, and everywhere in between. Offering the technology transformations, strategy, and mission services needed to get the job done.
GDIT does not have a vaccination mandate applicable to all employees. To protect the health and safety of its employees and to comply with customer requirements, however, GDIT may require employees in certain positions to be fully vaccinated against COVID-19. Vaccination requirements will depend on the status of the federal contractor mandate and customer site requirements.
GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.