Senior Cyber Security Analyst

Clearance Level
Cyber Security
Chantilly, Virginia

REQ#: RQ79246

Travel Required: None
Public Trust: None
Requisition Type: Regular

GDIT is your place. You make it your own by embracing autonomy, seizing opportunity, and being trusted to deliver your best every day.

We think. We act. We deliver. There is no challenge we can’t turn into opportunity. And our work depends on a Senior Cyber Security Analyst joining our team to support the GDIT Headquarters and the Office of the Chief Information Officer (OCIO). Position is based out of Chantilly, VA.

The Senior Cyber Security Analyst role will act as a senior security analyst and a subject matter expert for security tools and policies managed by the Cyber Operations team. As a Senior Cyber Security Analyst, you will:

  • Directly support analysts and junior analysts with cyber security events and review triages of potential incidents
  • Perform analytical duties to determine the event/incident impact to the organization, identify the root cause, and implement mitigating controls
  • Perform threat hunting and purple team exercises in attempts to identify false negatives in our environment
  • Develop use cases and content/rules based off threat hunting exercises and threat intelligence
  • Develop automation playbooks through our Security Orchestration, Automation, and Response (SOAR) platform
  • Perform subject matter expert (SME) duties of security tools to include managing security policies and understanding logs for alert enrichment
  • Take lead on incident research when appropriate and mentor junior analysts
  • Assist in testing and evaluating new tools and technologies

Required Qualifications:

  • BA/BS in a related technical discipline plus 5+ years of relevant experience; OR the equivalent combination of education, technical certifications, training, or work experience
  • Significant understanding of Networking (Ports/Protocols) and IT Operations
  • Significant incident management experience
  • Experience and solid understanding of the following technologies: Endpoint security products (Antivirus/Endpoint Detection and Response (EDR)), IPS/IDS, Email security, Behavior analytics, Security automation
  • Expertise with packet and log analysis
  • Extensive understanding of Windows, Linux, and macOS operating systems
  • Familiarity with the cyber frameworks such as MITRE ATT&CK
  • Familiarity with basic Forensics and Malware Analysis

Preferred Qualifications:

  • One or more certifications, including but not limited to: GCIH, GCIA, GCFE, GREM, GCFA, GSEC, CEH, CISSP, CCSP or equivalent
  • Experience with enterprise SIEM and logging systems
  • Experience with scripting (Python, PowerShell)
  • Knowledge of Azure and AWS Cloud Infrastructure
  • Experience in handling cloud-based logs and alerts
  • Use case and content development

We are GDIT. The people supporting some of the most complex government, defense, and intelligence projects across the country. We deliver. Bringing the expertise needed to understand and advance critical missions. We transform. Shifting the ways clients invest in, integrate, and innovate technology solutions. We ensure today is safe and tomorrow is smarter. We are there. On the ground, beside our clients, in the lab, and everywhere in between. Offering the technology transformations, strategy, and mission services needed to get the job done.

GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.