Cyber Threat Hunting
Information Technology Security
Security Information and Event Management (SIEM)
Own your opportunity to work with the largest government agency in the nation. Make an impact by advancing the Department of Defense’s mission to keep our country safe and secure.
Southern Command Information Technology Enterprise Program (SCITES)
US Security Clearance Required (Secret to start, TS/SCI eventually)
General Dynamics is the PRIME on this program supporting US SOUTHERN COMMAND. Our program supports SOUTHCOM's entire IT enterprise providing technology services to over 10000 users spread across 30+ countries. Join us today!
The individual chosen for this role will be responsible for investigating, analyzing, and responding to cyber threats, events and incidents within a network environment or enclave.
Use data collected from a variety of cyber defense tools (e.g., IDS alerts, firewalls, network traffic logs) to analyze events that occur within their environments for the purposes of mitigating threats.
Interpret, analyze, and report all threats, events and anomalies in accordance with computer network directives, including initiating, responding to, and reporting discovered events.
Evaluate, test, recommend, coordinate, monitor, and maintain cybersecurity policies, procedures, and systems, including access management for hardware, firmware, and software.
Ensure that cybersecurity plans, controls, processes, standards, policies, and procedures are aligned with cybersecurity standards.
Identify information technology threats, security risks and exposures, determine the causes of security violations, and suggest procedures to halt future incidents and improve security.
Develop techniques and procedures for conducting cybersecurity risk assessments and compliance audits, the evaluation and testing of hardware, firmware and software for possible impact on system security, and the investigation and resolution of security incidents such as intrusion, frauds, attacks or leaks.
May coach and provide guidance to less-experienced professionals.
May serve as a team or task lead.
EDUCATION AND EXPERIENCE:
BA/BS or equivalent combination of experience and training.
5+ years of experience, preferably in IT Security.
8570 Compliance - CISSP, CEH, Sec+ or CySA+.
NOTE: 24x7x365 Mission. Involves providing round-the-clock monitoring in 8-hour shift rotations (3 8-hour shifts). Shifts are rotated, first voluntarily and then on a mandatory basis if necessary to ensure full coverage.
Keywords: Pen Test, Penetration testing, Sniffer, Firewalls, PKI, MDR, Antivirus, IPS, Snort, Wireshark, Webroot, SolarWinds, Bitdefender, Netsparker, Perimeter 81, Nmap
5+ years of related experience
* may vary based on technical training, certification(s), or degree
CompTIA - Security+ - CompTIA
CASP: CompTIA Advanced Security Practitioner - CompTIA
CySA+ ce - CompTIA
SSCP: Systems Security Certified Practitioner - (ISC)2
We are GDIT. The people supporting some of the most complex government, defense, and intelligence projects across the country. We deliver. Bringing the expertise needed to understand and advance critical missions. We transform. Shifting the ways clients invest in, integrate, and innovate technology solutions. We ensure today is safe and tomorrow is smarter. We are there. On the ground, beside our clients, in the lab, and everywhere in between. Offering the technology transformations, strategy, and mission services needed to get the job done.
GDIT does not have a vaccination mandate applicable to all employees. To protect the health and safety of its employees and to comply with customer requirements, however, GDIT may require employees in certain positions to be fully vaccinated against COVID-19. Vaccination requirements will depend on the status of the federal contractor mandate and customer site requirements.
GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.