Senior Cyber Security Analyst

Clearance Level
None
Category
Cyber Security
Location
Chantilly, Virginia

REQ#: RQ47189

Travel Required: None

GDIT has the opportunity for a Senior Cyber Security Analyst position to support the GDIT Headquarters and the Office of the Chief Information Officer (OCIO). Positions are based out of Chantilly, VA.

The Senior Cyber Security Analyst role will act as a senior security analyst and a subject matter expert for security tools and policies managed by the Cyber Operations team. As a Senior Cyber Security Analyst, you will:

  • Directly support analysts and junior analysts with cyber security events and review triages of potential incidents
  • Perform analytical duties to determine the event/incident impact to the organization, identify the root cause, and implement mitigating controls
  • Perform threat hunting and purple team exercises to identify false negatives in our environment
  • Develop use cases and content/rules based on threat hunting exercises and threat intelligence
  • Develop automation playbooks through our Security Orchestration, Automation, and Response (SOAR) platform
  • Perform subject matter expert (SME) duties of security tools to include managing security policies and understanding logs for alert enrichment
  • Take lead on incident research when appropriate and mentor junior analysts
  • Assist in testing and evaluating new tools and technologies

Job Skill Requirements:

  • Significant understanding of Networking (Ports/Protocols) and IT Operations
  • Significant incident management experience
  • Experience with enterprise SIEM and logging systems
  • Experience and solid understanding of the following technologies:
      ◦ Endpoint security products (Antivirus/Endpoint Detection and Response (EDR))
      ◦ IPS/IDS
      ◦ Email security
      ◦ Behavior analytics
      ◦ Security automation

  • Experience with scripting (Python, PowerShell)
  • Expertise with packet and log analysis
  • Extensive understanding of Windows, Linux, and macOS operating systems
  • Knowledge of Azure and AWS Cloud Infrastructure
  • Experience in handling cloud-based logs and alerts
  • Familiarity with the cyber frameworks such as MITRE ATT&CK
  • Use case and content development
  • Familiarity with basic Forensics and Malware Analysis

Required Qualifications

  • 5+ years total work experience

Education

  • BA/BS in a related technical discipline, or the equivalent combination of education, technical certifications, training, or work experience

Certifications

  • One or more certifications, including but not limited to: GCIH, GCIA, GCFE, GREM, GCFA, GSEC, CEH, CISSP, CCSP or equivalent

We are GDIT. The people supporting some of the most complex government, defense, and intelligence projects across the country. We deliver. Bringing the expertise needed to understand and advance critical missions. We transform. Shifting the ways clients invest in, integrate, and innovate technology solutions. We ensure today is safe and tomorrow is smarter. We are there. On the ground, beside our clients, in the lab, and everywhere in between. Offering the technology transformations, strategy, and mission services needed to get the job done.

GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.