Responsible for strengthening the defensive posture and cyber defense operational readiness of an IT Enterprise, our Enterprise Cyber Network Defense (ECND) program defends and protects Government assets from external Cyber Security attacks and Insider Threats that can potentially cause or create data, systems, networks, and personnel vulnerabilities.
The Lead Cyber Network Defense Detection Principal Technical Advisor will:
Serve as an expert for enterprise incident detection.
Perform forensic analysis of digital information and gather and handle evidence. Identify network computer intrusion evidence and perpetrators, and coordinate with other government agencies to record and report incidents.
Manage a team responsible for providing enterprise computer network defense detection and CSSP services to IC Enterprise Subscribers.
Assist in the development of Standard Operational Procedures that reflect all aspects of day-to-day operations.
Understand the lifecycle of network threats, attack vectors and methods of exploitation, and the incident response process in accordance with Chairman of the Joint Chiefs of Staff Manual (CJCSM) 6510.01 and other applicable DoD/IC directives and policies.
Have familiarity with the utilization, configuration, and implementation of industry standard cyber defense capabilities such as web content filters, email security capabilities, IDS, IPS, HBSS, SIEM, Domain Name System (DNS) security practices, advanced log analysis, network monitoring, network flow analysis, packet capture analysis, network proxies, firewalls, anti-virus capabilities, Linux/UNIX command line, and access control lists, as well as have familiarity with malware triage and analysis, system and network forensics, log analysis and evidentiary procedures.
Position may require evening, weekend or shift-work (depending on operational tempo).
or a combination of: (Education Degree from an Accredited Institute in an Area Applicable to the Position)
• High School Diploma + 12 years
• Associate's Degree + 10 years
• Bachelor's Degree + 8 years
• Master's Degree + 6 years
• PhD + 4 years
A TS/SCI clearance
Candidate's willingness to obtain and maintain CI Poly.
An approved DoD 8570 IAT II certification prior to employment.
Obtain an 8570 CSSP Incident Responder certification within six months from the date of hire.
We are GDIT. The people supporting some of the most complex government, defense, and intelligence projects across the country. We deliver. Bringing the expertise needed to understand and advance critical missions. We transform. Shifting the ways clients invest in, integrate, and innovate technology solutions. We ensure today is safe and tomorrow is smarter. We are there. On the ground, beside our clients, in the lab, and everywhere in between. Offering the technology transformations, strategy, and mission services needed to get the job done.
GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.