GDIT is your place. You make it your own by embracing autonomy, seizing opportunity, and being trusted to deliver your best every day.
We think. We act. We deliver. There is no challenge we can’t turn into opportunity. And our work depends on a Senior Cyber Security Analyst joining our team to support the GDIT Headquarters and the Office of the Chief Information Officer (OCIO). Position is based out of Chantilly, VA.
The Senior Cyber Security Analyst role will act as a senior security analyst and a subject matter expert for security tools and policies managed by the Cyber Operations team. As a Senior Cyber Security Analyst, you will:
Directly support analysts and junior analysts with cyber security events and review triages of potential incidents
Perform analytical duties to determine the event/incident impact to the organization, identify the root cause, and implement mitigating controls
Perform threat hunting and purple team exercises to identify false negatives (missed detections) in our environment
Develop use cases and detection content/rules based on threat hunting exercises and threat intelligence
Develop automation playbooks through our Security Orchestration, Automation, and Response (SOAR) platform
Perform subject matter expert (SME) duties for security tools, including managing security policies and understanding their logs for alert enrichment
Take lead on incident research when appropriate and mentor junior analysts
Assist in testing and evaluating new tools and technologies
BA/BS in a related technical discipline plus 5+ years of relevant experience, or the equivalent combination of education, technical certifications, training, or work experience
Significant understanding of Networking (Ports/Protocols) and IT Operations
Significant incident management experience
Experience with and a solid understanding of the following technologies: endpoint security products (antivirus, Endpoint Detection and Response (EDR)), IPS/IDS, email security, behavior analytics, and security automation
Expertise with packet and log analysis
Extensive understanding of Windows, Linux, and macOS operating systems
Familiarity with the cyber frameworks such as MITRE ATT&CK
Familiarity with basic Forensics and Malware Analysis
One or more certifications, including but not limited to: GCIH, GCIA, GCFE, GREM, GCFA, GSEC, CEH, CISSP, CCSP or equivalent
Experience with enterprise SIEM and logging systems
Experience with scripting (Python, PowerShell)
Knowledge of Azure and AWS Cloud Infrastructure
Experience in handling cloud-based logs and alerts
Use case and content development
We are GDIT. The people supporting some of the most complex government, defense, and intelligence projects across the country. We deliver. Bringing the expertise needed to understand and advance critical missions. We transform. Shifting the ways clients invest in, integrate, and innovate technology solutions. We ensure today is safe and tomorrow is smarter. We are there. On the ground, beside our clients, in the lab, and everywhere in between. Offering the technology transformations, strategy, and mission services needed to get the job done.
GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.