Cyber Threat Analyst Associate

Advance your career while impacting our national security in cyber as a Cyber Threat Analyst Associate at GDIT. Here, technologists have many paths to grow a meaningful career supporting cyber missions and operations across the federal government.

The Cyber Threat Analyst Associate is directly responsible for the first level monitoring, triage, and communication of security events received into the SOC. Analysts will use SIEM technology to triage alerts as the enter the SOC from network and security systems/applications, the client, and/or from intelligence sources. Furthermore, the Analyst may be required to both monitor and utilize third party toolsets in the client environment to assist with the identification of security threats.

As a member of the cloud services team, the Cyber Threat Analyst Associate will perform Level 1 triage and escalation to support SOC operations including:

• Provides technical support on post event network security logs and trend analysis to uncover security and compliance violations

• Detects the full spectrum of known cyberattacks (e.g., DDoS, malware, phishing, others)

• Pinpoints location of compromised systems and devices, and conducts cyber incident and event monitoring identifying anomalous and malicious activity

• Correlates events from the various components in the IT security infrastructure and identifies attacks and breaches

• Associates and correlates IP address related events with specific systems or devices in the IT infrastructure

• Identifies and analyzes intelligence information about threats to customer’s information processing systems

• Recognize potential, successful, and unsuccessful intrusion attempts and compromises thorough triage of events utilizing relevant event detail and summary information.

• Ensure the integrity and protection of networks, systems, and applications through monitoring of security devices. React to customers escalations.

• Observes and documents actions taken by malicious actors in customer networks and contribute to content creation

• Experience working within a wide range of environments to include Linux, UNIX, Windows in addition to a strong understanding of networking, the OSI model, and TCP/IP protocols

• Maintain an understanding of the current vulnerabilities, response, and mitigation strategies used in cyber security operations

Education: Technical Training, Certification, or Degree

Experience: 0+ years related experience

Required Skills:

• Knowledge of information security event monitoring and detection and NID monitoring and incident response; Cyber-attack stages (e.g., reconnaissance, scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks); Attack methods and techniques (e.g., DDoS, brute force, spoofing, etc.)

• Knowledge of IPS/IDS, managing cases with enterprise SIEM systems (e.g. Sentinel One, Splunk) and other network security tools

• Familiarity with Federal and DoD security standards such as NIST, DCID, CNSS and DoD 8500

• Exposure to Windows and Linux OS to include knowledge of the command line interface

• Knowledge of IDS/IPS, penetration and vulnerability testing, DLP, anti-virus and anti-malware, TCP/IP, computer networking, routing and switching

• Understanding of computer networking fundamentals, network traffic analysis methods, and ability to review and analyze network packet captures

• Understanding of e-mail security fundamentals

Location: Hybrid at GDIT's Integrated Technology Center in Bossier City, LA

GDIT IS YOUR PLACE:

• Growth: AI-powered career tool that identifies career steps and learning opportunities

• Support: An internal mobility team focused on helping you achieve your career goals

• Rewards: Comprehensive benefits and wellness packages, 401K with company match, and competitive pay and paid time off

• Community: Award-winning culture of innovation and a military-friendly workplace

OWN YOUR OPPORTUNITY
Explore a career in cyber at GDIT and you’ll find endless opportunities to grow alongside colleagues who share your focus on defending and protecting what matters.