Provides Threat and Gap Analysis support to a cabinet level federal agency. Contributes to a team of information assurance professionals working to improve technical security posture. Duties include writing reports, briefing event details to leadership, and coordinating remediation with personnel throughout the globe.
Must possess six (6) years of substantive IT knowledge and demonstrate hands-on expertise and/or training in areas of emerging technologies. The candidate must have hands-on experience and expertise with threat detection, gap analysis, threat hunting methodologies, and have an understanding of the capability of hacking tools and how they are used to exploit vulnerabilities and features in enterprise networks. Previous Red Team work is a plus.
The candidate must be a self-starter with, keen analytical skills, curiosity, agility, and adaptability. The ability to work quickly, willingness to work on ad hoc assignments, work independently as needed, strong written and verbal communication skills, and recognizing the importance of being a team player. In addition the candidate should possess the following skill set:
An advanced Splunk user with the ability to leverage the more advanced statistical features.
Experience performing incident response using a modern EDR tool.
Experience performing forensic analysis on the different flavors of Windows OS’s.
Experience identifying gaps in analysis and creation of detection methodologies to address the gaps.
Experience with security features and logs in O365/Azure cloud environments.
Be familiar with tools like Nessus, Burp, and Metasploit Framework/Pro.
Firm understanding of network and system architecture and analysis. Fundamentals of network routing & switching, assessing network device configurations, and operating systems (Windows/*nix)
Experience Scripting in languages such as PowerShell, Bash, Python, Perl or Ruby.
Must be able to work alone or in a small group.
Active Secret Clearance/TS preferred
Analyze Red Cell activity’s to identify detection gaps
Resolve gaps found through monitoring Red Cell activities
Create new detection methodologies that highlights suspicious activity
Briefs executive summary and findings to stakeholders to include Sr. Leadership
Researches and maintains proficiency in tools, techniques, countermeasures, and trends in computer network vulnerabilities, data hiding and network security and encryption.
Provide support to incident response teams through capability enhancement and reporting.
Mentor Jr and Mid staff members by creating and teaching latest techniques in ethical hacking and vulnerability analysis.
Preferred but not absolutely required:
GCIA, GCIH, or GCFE; CISSP; Certified Ethical Hacker; CCNA
We are GDIT. The people supporting some of the most complex government, defense, and intelligence projects across the country. We deliver. Bringing the expertise needed to understand and advance critical missions. We transform. Shifting the ways clients invest in, integrate, and innovate technology solutions. We ensure today is safe and tomorrow is smarter. We are there. On the ground, beside our clients, in the lab, and everywhere in between. Offering the technology transformations, strategy, and mission services needed to get the job done.
GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.