Cyber Information Response Team (CIRT) Analyst

At GDIT, we are passionate about securing and supporting some of the most challenging government, defense, and intelligence missions. As part of our team, your work will have meaning and impact, helping to make today safer and tomorrow smarter. Join a culture that values autonomy, collaboration, and delivering your best every day.

GDIT has an opening for a CIRT Analyst supporting the Army National Guard (ARNG) as part of the GECOS program. This position is part of an IT Service Management contract that includes the operation, modernization, expansion, and evolution of the ARNG’s global IT services. These services span networking, compute, storage, infrastructure, cybersecurity, applications, hosting, and program management. GECOS operates within the ITIL framework to deliver high-quality IT services to the ARNG, and this role is a critical part of ensuring the security and success of that mission.

HOW A CIRT ANALYST WILL MAKE AN IMPACT:

• Collect and analyze network and/or host artifacts from various sources, including logs, system images, and packet captures, to: characterize activity, determine the root cause and operational impact, and enable rapid remediation and/or mitigation of cyber threats.

• Perform triage of cyber incidents, identifying scope, urgency, and potential impact.

• Provide technical support for real-time cyber defense incident handling tasks.

• Proactively identify and recommend mitigations for vulnerabilities.

• Demonstrate effectiveness through handling Red Team activity and investigation.

• Manage, document, and track cyber defense incidents from detection to resolution.

• Update and maintain Incident Response tactics, techniques, procedures, and training documentation.

• Prepare and conduct training courses related to incident response at least four times per calendar year.

• Support efforts to maintain the customer's CSSP (Cyber Security Service Provider) accreditation, including documentation and technical writing.

• Rapidly respond to time-sensitive security events and work collaboratively under tight deadlines.

• Participate in cross-functional teams and meetings to improve cybersecurity posture.

• Provide on-call and after-hours support as needed.

• Proficiency in collecting and analyzing logs, system images, and other artifacts. 

• Investigating and resolving cybersecurity incidents. 

• Strong understanding of cybersecurity concepts, including mitigation strategies, root cause analysis, and Red Team operations. 

• Familiarity with current cyber defense tools and technologies.

• Excellent oral and written communication skills for both technical and non-technical audiences.

• Strong organizational skills for multitasking and meeting deadlines.

• Ability to work independently, adapt to fast-paced environments, and solve complex problems.

• Collaborative mindset with strong customer service skills.

• Dependability, punctuality, and responsiveness to management.

• Attention to detail, problem-solving capabilities, and analytical thinking.

• Ability to build trust, credibility, and strong working relationships with both customers and team members.

WHAT YOU’LL NEED TO SUCCEED:

Education/Equivalent Training Required: Bachelor’s degree in information technology, computer science or a related technical discipline, or the equivalent combination of education, technical certifications or training, or work experience.

Required Experience: 

4+ years of practical experience in a Cybersecurity, Engineering, T&E, or A&A-related field.  Prior experience with cyber incident response, especially on DoD networks; digital forensics

Certification Requirements:  Must Possess the appropriate baseline certification(s) to achieve a minimum of DoD 8570.01-M Information Assurance Technical (IAT) Level II (i.e., CompTIA Security+ CE) prior to start.  Will need to obtain an additional computing environment certification within six-months of hire based on position designation.  (i.e., CEH, CCNA-Security, CND, etc.).  Candidate may have further discussions with the program’s Cyber Security Manager for more details.  When 8140 requirements are implemented on program/contract, employees will need to conform to 8140 certification standards.

Security Clearance Level: Active SECRET security clearance required and must be maintained.

Location: Falls Church, VA. 

• Three (3) days of onsite with up to two (2) days telework. Onboarding/transition in period requires on-site support up to 60 days. Work schedules are subject to change on direction by mission requirements from GDIT or USG leadership.  

GDIT IS YOUR PLACE: At GDIT, the mission is our purpose, and our people are at the center of everything we do.

• Growth: AI-powered career tool that identifies career steps and learning opportunities

• Support: An internal mobility team focused on helping you achieve your career goals

• Rewards: Comprehensive benefits and wellness packages, 401K with company match, competitive pay and paid time off

• Community: Award-winning culture of innovation and a military-friendly workplace

OWN YOUR OPPORTUNITY
Explore a career in program management at GDIT and you’ll find endless opportunities to grow alongside colleagues who share your passion for the mission and delivering results.

#GECOS #GDITPriority