Provide management oversight for cybersecurity operations & intelligence functions
Analyze cyber intelligence reports to determine correlation and applicability to network operations on USAFCENT networks.
Analyze network intrusion detection reports and vulnerability assessments to evaluate security posture as it pertains to current operations and information security levels.
Recommend security posture changes based on security analysis and changes in threat indicators.
Develop reports and trend analysis of internal and external security activity, and incidents.
Provide on-shift training for both contractors and government personnel to include analysis interpretation and threat/event correlation.
Provide technical direction to other contractors on network and systems engineering to develop network and systems engineering concepts and apply System Development Life Cycle (SDLC) principles.
Maintain a professional image and appearance, including appropriate attire commensurate with this senior staff position. Professional business attire will be commensurate with government uniforms and other contractor attire.
Provide technical coordination and research to exploit cutting-edge technologies, assisting with technical and status updates for briefings and reporting.
Review technical project documentation for final draft coordination and subsequent release. Includes assisting personnel with project documentation and web site development as needed.
Coordinate technical visits from Air Force and other military agencies, and Contractors.
Cyber Data Analysis Tasks: Analyze Suspicious Event Reports (SER) to determine the impact and effect on USAFCENT’s networks and systems, and provide details on possible actions and alternatives to resolve problems, issues, attacks, and intrusions.
Cyber Intelligence Coordination. Coordinate with intelligence activities to gain situational awareness of cyber and security threats. Coordination will include physical and virtual meetings, using voice and video technologies. Develop a weekly Cyber Activity Report focused on USAFCENT’s networks; the report will include intelligence that directly and indirectly affects USAFCENT’s networks and operations from both red and blue team perspectives.
Intrusion Detection. Examine logs and information gained from network sniffers or protocol analyzers to determine if possible outside or unauthorized access has occurred. Track and record possible intrusion or security breach from routine daily analysis to successful anomaly/intrusion identification, which includes writing detailed analysis for possible legal use. Function as government subject matter security expert for any legal actions associated with security breaches.
Vulnerability Assessment Task. Use vulnerability assessment reports to analyze networks and operation systems to determine security weaknesses and shortfalls. Research and provide detailed fix actions for all identified vulnerabilities. Coordinate with other computer emergency response teams (CERT) to ensure latest known vulnerabilities are properly identified and corrected. Make recommendations for changes in security policy based on vulnerability assessments.
Maintain a standard set of published network architectural diagrams; establish and coordinate periodic reviews and publishing to keep information accurate for use by Network Engineers and Helpdesk Technicians. Ensure Enterprise and Site network architecture drawings and diagrams are up to date and accurate. Establish and maintain a web page to provide deployed sites up/download access for site-specific drawings and diagrams.
Develop logic flow charts for Enterprise processes utilized by the NOSC and deployed sites. Provide standardized written procedures and/or checklists associated with common tasks and procedures.
Document, create, maintain, and track network accreditation packages throughout their life cycle for local and deployed networks. Visit each site annually or sooner if required to maintain site network accreditation. Work with the Web Design Engineer and Programmer to provide access to the accreditation documentation using standard NOSC web page design practices.
Convert draft technical documentation into a standard document format for formal publishing. Work with Network Engineers and Project Leads to document Concept of Operations, Engineering Plans, and Tactics, Techniques and Procedures (TTPs).
Establish and coordinate an annual review of published documentation. Develop logic flow charts for processes utilized by the NOSC and deployed sites. Provide standardized written procedures and/or checklists associated with common tasks and procedures. Coordinate a semi-annual review of the SPIN-C. Prepare the System Security Authorization Agreement appendix for NOSC network projects in support of the NOSC and SWA.
Assist Training Manager by standardizing training material. Review Remedy trouble tickets and create a knowledge base utilized by the level help desk technicians for fault isolation and resolution.
BA/BS in related field, and 5+ years relevant experience
CISSP or CCNP-Security
TS SCI Clearance Required
We are GDIT. The people supporting some of the most complex government, defense, and intelligence projects across the country. We deliver. Bringing the expertise needed to understand and advance critical missions. We transform. Shifting the ways clients invest in, integrate, and innovate technology solutions. We ensure today is safe and tomorrow is smarter. We are there. On the ground, beside our clients, in the lab, and everywhere in between. Offering the technology transformations, strategy, and mission services needed to get the job done.
GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.