The desired candidate will provide advanced cybersecurity analytics (ACA) services which aggregates and analyzes products, data, and information to identify trends and patterns, anomalous activity, provide situational awareness of customer's networks, missions and threats, and provide operational recommendations, visualizations, tuning requests, and custom signature creation to the CSOC and other internal and external stakeholders.
Analyzes trends and patterns of data on customer's networks to identify and predict previously undiscovered events and incidents, and develop or tune rules/signatures/scripts as needed;
Coordinates with other Cybersecurity Operations to develop or tune rules/signatures/scripts;
Coordinates with other Cybersecurity Operations Services to investigate and obtain information about potential sources of compromise on the systems, and develop or tune rules/signatures/scripts as needed;
Correlates and analyzes precursors to incidents, and develop or tune rules/signatures/scripts as needed;
Improve SIEM alert efficiency though evaluation of valid alerts and false positives, and develop or tune rules/signatures/scripts as needed;
Assists the Cyber Incident Response Team by assessing ongoing incident activity to predict adversary responses and locations of compromise;
Documents all work in the authorized ticketing system with a sufficient level of detail to ensure the Government and other contract services can systematically reconstruct the analysis;
Provide input to the daily CSOC Significant Activity Report, the daily CSOC Operations Update, and the Weekly CSOC Status Report;
Must have an active TS/SCI clearance and eligible to obtain CI poly.
BS and 5+ years of related advanced cyber security analytics work experience or a combination of relevant years of experience and education.
Must have a certification that is compliant with DoD 8140.01 and DoD 8570.01-M IAT Level III and CSSP Analyst
About Our Work
We are GDIT. The people supporting some of the most complex government, defense, and intelligence projects across the country. We deliver. Bringing the expertise needed to understand and advance critical missions. We transform. Shifting the ways clients invest in, integrate, and innovate technology solutions. We ensure today is safe and tomorrow is smarter. We are there. On the ground, beside our clients, in the lab, and everywhere in between. Offering the technology transformations, strategy, and mission services needed to get the job done.
GDIT does not have a vaccination mandate applicable to all employees. To protect the health and safety of its employees and to comply with customer requirements, however, GDIT may require employees in certain positions to be fully vaccinated against COVID-19. Vaccination requirements will depend on the status of the federal contractor mandate and customer site requirements.
GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.