Jr Security Analyst

Clearance Level: None
Category: Cyber Security
Location: Washington, District of Columbia

REQ#: RQ46978

Travel Required: None

Candidate must be a US citizen with the ability to pass a minimal background investigation (MBI) in accordance with HSPD-12.

Junior Security Analysts must have: 

The candidate will work in a Security Operations Center to analyze network traffic, large sets of log data, and other relevant security events to identify malicious activity. This includes, but is not limited to, establishing normalized traffic and data flow baselines to identify anomalies. The candidate will also need to identify the techniques, tactics and procedures used by adversaries and, based on the behavior patterns identified in the findings, develop alerting criteria to improve the Incident Response capability.

Basic Qualifications:

· Experience with Windows Server 12 or later
· Experience with Red Hat Enterprise Linux (RHEL) 6/7
· Experience with cyber security tools such as Tenable Nessus, Splunk, Wireshark, etc.
· Understanding of network traffic analysis, log analysis, and PCAP analysis
· Perform incident monitoring, response, triage, and initial investigations
· Monitoring and analysis of security events to determine intrusion and malicious events
· Monitor security events and logs such as proxy logs, IPS/IDS events, firewall, Active Directory (user verification), vulnerability scans, anti-malware events, endpoint security, web application firewall, netflow, packet capture, and computer log files to maintain situational awareness
· Ability to correlate events from multiple log sources
· Candidate should have worked in a 24x7x365 operational capability (IRT, CERT, CIRT, SOC, etc.)
· Communication and technical writing skills
· Attention to detail
· Knowledge of SIEM, packet capture solutions, intrusion detection systems
· Familiarity with network protocols (DNS, DHCP, SMTP, HTTP)

Desired Skills:

· CompTIA certifications
· CEH desirable
· Work towards a CISSP desirable

Desired Education:

· Degree in technology (Computer Science, IT) discipline preferred
· Minimum 2-5 years SOC experience

We are GDIT. The people supporting some of the most complex government, defense, and intelligence projects across the country. We deliver. Bringing the expertise needed to understand and advance critical missions. We transform. Shifting the ways clients invest in, integrate, and innovate technology solutions. We ensure today is safe and tomorrow is smarter. We are there. On the ground, beside our clients, in the lab, and everywhere in between. Offering the technology transformations, strategy, and mission services needed to get the job done.

GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.