CIRT Monitoring Team Lead (Active Secret Clearance)

Clearance Level
Interim Secret
Cyber Security
Beltsville, Maryland

REQ#: RQ109553

Travel Required: None
Requisition Type: Regular

Project Overview:

As the CIRT Monitoring Team Lead, you’ll focus on helping build and improve detection capabilities, while leading a monitoring team that is focused on protecting the enterprise from threat actors. This position will involve coordinating and/or participating in high-priority investigations, identifying process improvements, and preparing reports for management and the client.

Daily Responsibilities:

  • Supervise monitoring analysts in detecting security issues and triaging alerts
  • Coordinate incident response functions
  • Assist with project planning and identification of mitigation activities
  • Identify and recommend process creation and improvements
  • Identify advanced techniques and coordinate to improve analysis capability
  • Provide timely, comprehensive, and accurate information in both written and verbal reports
  • Mentor other analysts and incident handlers on analysis and security tools

Required: Basic Requirements

  • Knowledge of the TCP/IP networking stack and network technologies
  • Sound understanding of analysis methodologies
  • Familiarity with attack and defense frameworks
  • Ability to triage and prioritize alerts
  • Knowledge of Windows and/or Linux Architecture
  • Experience with Splunk, Linux CLI & Windows AD

Desired Skills: Preferred but not required

  • Knowledge of the Splunk processing language, query building, alerts, dashboards, and report generation
  • Experience developing cyber-intrusion detection system signatures, e.g. Snort, YARA
  • Experience writing shell scripts or python code to analyze machine data
  • Knowledge of full packet capture, PCAP analysis, and accompanying tools
  • Familiarity with NIST Standards on cybersecurity and incident handling (800-53, 800-61)
  • Detailed knowledge of applicable security tools, technologies, and trends
  • Excellent written and verbal communication skills

Preferred Certifications:

  • CISSP and/or CASP+
  • SANS GCIH and/or GCIA
  • Certified Ethical Hacker and/or CySA+
  • Basic knowledge of Python, Java, C, and/or C++

Education:

Bachelor's degree or equivalent education and work experience

COVID-19 Vaccination Requirement: To protect the health and safety of its employees and to comply with customer requirements, GDIT may require employees in certain positions to be fully vaccinated against COVID-19. Vaccination requirements will depend on the status of the federal contractor mandate and customer site requirements.

We are GDIT. The people supporting some of the most complex government, defense, and intelligence projects across the country. We deliver. Bringing the expertise needed to understand and advance critical missions. We transform. Shifting the ways clients invest in, integrate, and innovate technology solutions. We ensure today is safe and tomorrow is smarter. We are there. On the ground, beside our clients, in the lab, and everywhere in between. Offering the technology transformations, strategy, and mission services needed to get the job done.

GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.