ArcSight Analyst

Clearance Level: Secret
Category: Information Security
Location: Seaside, California

REQ#: G2019-68114

The Security Analyst will use various tools to perform Tier 2 review of events, escalate incidents as warranted, and assist the Incident Response/HBSS/ACAS teams in responding to alerts and cybersecurity investigations.

  • Knowledge and understanding of networking, network layers, protocols, devices and multiple operating systems
  • Constant monitoring of intrusion detection systems using SIEM tools
  • Perform independent research and analysis of security threats
  • Coordinate with other teams to analyze, investigate and remediate detected incidents
  • Analyze and evaluate anomalous network and system activity
  • Recommend modifications to security tools to better detect, prevent, and mitigate intrusions
  • Knowledge of computer network defense and vulnerability assessment tools, including open source tools, and their capabilities
  • Excellent communication, analytical and troubleshooting skills
  • Attention to detail
  • Monitor event alerts and perform Tier 2 categorization of suspicious activity, escalating as appropriate
  • Investigate anomalous, suspicious or malicious log entries or alerts
  • Conduct security event collection using log management tools, initiate event management, and leverage identity monitoring activities
  • Perform network/system/application/log intrusion detection analysis and trending
  • Develop dashboards and reports for IA management and system monitoring

Bachelor's degree or equivalent experience


Qualifications Required:

  • CompTIA Security+ CE
  • Any one of the following: CEH, CYSA+, SSCP, GSEC, CCNA Cyber Ops (may waive for 6 months)
  • Must be a US citizen and have a Secret clearance with SSBI/T5, able to obtain Top Secret

Qualifications Desired:

  • Well rounded person with some experience in various computer environments and multiple toolsets for cross-training within the DMDC environment
  • SIEM experience, ArcSight Preferred OR HBSS OR ACAS
  • TS/SCI Eligible
  • Technical writing and organizational skills
  

  

We are GDIT. The people supporting some of the most complex government, defense, and intelligence projects across the country. We deliver. Bringing the expertise needed to understand and advance critical missions. We transform. Shifting the ways clients invest in, integrate, and innovate technology solutions. We ensure today is safe and tomorrow is smarter. We are there. On the ground, beside our clients, in the lab, and everywhere in between. Offering the technology transformations, strategy, and mission services needed to get the job done.

GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.