The OTA Analyst conducts in-depth analysis of user activity data employing technical and non-technical disciplines to transform data into actionable information.
The primary area of responsibility for the analyst is to examine and analyze data, prioritize significant events for further investigation, correlate information with other information sources to establish context, and to compile noteworthy information into analytic reports for working groups and senior management.
Additionally, reviewing sensitive electronic and hard copy investigative and intelligence community reporting, collaborating with internal and external entities via working groups, conferences, or task forces, and preparing summary documents, briefings, assessments, graphical representations of data, and other written products is highly encouraged.
Investigative Analyst Role:
The investigative analyst will perform user activity monitoring, analysis, and reporting, employing technical and non-technical disciplines to transform data into actionable information. The individual will be responsible for conducting in-depth analysis of user activity data and performing data acquisitions from live hosts located worldwide using various Windows and forensics tools, and ensuring chain of custody and control procedures. Detailed documentation of tasks performed is required to support active law enforcement investigations.
Responsible for the analysis and reporting of technical and intelligence information to provide indications, analysis, and trends identified through behavioral analysis of data
Perform assessments of malicious or suspicious activities to determine potential security risks
Prepare comprehensive and detailed court-ready case documentation and written notes and reports regarding findings.
Assist in the development of OTA program policies, processes, and procedures, provide user support, conduct group training sessions, and provide one-on-one tool training services to case agents and supporting personnel.
Core work hours are 9:00am – 3:00pm (8.5-hour work day)
Work location: Rosslyn, VA (full-time, on site)
Required: Basic Requirements
4+ years of experience in behavioral, audit, security, and/or policy compliance analysis
Ability to work well with and accept challenges in a fast-paced, dynamic, team-based environment
Ability to write and execute SQL queries
Experience with Splunk, EnCase, IBM SPSS platform using the Modeler module
Proficiency in process automation using multiple scripting and development tools including, but not limited to: Shell scripting, PowerShell, Perl, Ruby, or Python
Enterprise administrative support and deployment of multiple operating systems (e.g. Windows 2008, 2012, Linux)
Experience in configuring and troubleshooting Windows servers
Understand and utilize Active Directory Domain Services, DHCP, DNS, WINS, TCP/UDP Ports and Protocols
Experience working in a virtualized environment (e.g. VMware)
Possesses an understanding of networking fundamentals
Possesses working knowledge of firewall administration
Strong quantitative and analytic abilities to analyze and validate data
Ability to demonstrate effective organizational and technical skills
Detail-oriented with strong delivery performance (ability to meet deadlines and requests efficiently, multi-task and establish priorities)
Ability to quickly learn and understand various company systems
Proficiency with MS Office Suite products (Excel, Word, Outlook, Visio, PowerPoint, etc.) and Server
Desired Skills: Preferred but not required
Knowledge of database systems (Oracle and MS SQL)
Experience with Direct Attached Storage/SAN and RAID.
Experience with hardware and input/output evaluation and optimization
Experience with Dell hardware
Working knowledge of information security and IT standards such as ISO 27002, NIST, ITIL, etc.
Experience with designing and implementing data models to drive threat analysis
Knowledge of cyber threat indicators
Ability to prepare and present briefings
Technical knowledge of Microsoft Operating Systems
We are GDIT. The people supporting some of the most complex government, defense, and intelligence projects across the country. We deliver. Bringing the expertise needed to understand and advance critical missions. We transform. Shifting the ways clients invest in, integrate, and innovate technology solutions. We ensure today is safe and tomorrow is smarter. We are there. On the ground, beside our clients, in the lab, and everywhere in between. Offering the technology transformations, strategy, and mission services needed to get the job done.
GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.