Threat Management Specialist (Tier 3) Aerial

Seize your opportunity to make a personal impact as a Threat Management Specialist (Tier 3) Aerial supporting the United States Postal Service. GDIT is your place to make meaningful contributions to challenging projects and grow a rewarding career.

At GDIT, people are our differentiators. As a Threat Management Specialist (Tier 3) Aerial, you will help ensure today is safe and tomorrow is smarter. Our work depends on a Threat Management Specialist (Tier 3) Aerial joining our team to analyze design, develop, implement, and support code for our government customer, the United States Postal Service.

How a Threat Management Specialist (Tier 3) Aerial Will make an impact

In this role, a typical day will include:

• Recognizing potential, successful, and unsuccessful intrusion attempts and compromises, and perform careful analysis of relevant event details and summary information
• Identification of security problems which may require mitigating controls
• Identification of the adversary activity and movement within USPS environment
• Analyze network traffic to identify command and control (C2) communications
• Analyze attachments and URLs for malicious code
• Recommend detection and containment mechanisms for exploit and or intrusion related attempts
• Work with law enforcement if needed for handoff of investigations
• Manage email security using ProofPoint, monitor for threats, and promptly respond to alerts/issues
• Possesses ability to conduct packet analysis and recommend custom monitoring policies and signatures within network detection tools
• Reviewing and responding to security alerts and incidents across multiple platforms including Microsoft Defender for Cloud Apps, Defender for Endpoint, Defender XDR, Defender for Office 365, Azure Entra ID, and Google Cloud Security Command Center (SCC)
• Perform log analysis, generate Indicators of Compromise (IOCs) and develop specialized searches to investigate security incidents diligently through Splunk Cloud and ES and Sentinel 1
• Use Sentinel 1 Deep Visibility to respond to alerts and conduct thorough security assessments
• Utilize AI/ML-based tools and techniques to detect anomalies, automate incident triage, and improve threat intelligence.
• Identify and support automation use cases, including the use of AI/ML to enhance SOC capabilities.
• Collaborate across Operations to provide SOC enhancement capabilities through the use of automation and AI.

WHAT YOU’LL NEED TO SUCCEED:

Education:

• Bachelor's or Master's degree in Computer Science, Information Systems, Cybersecurity or other related fields. Or equivalent work experience.
• NOTE: If resources do not have a relevant college degree, an additional 4 years of relevant work experience is required.

Required Experience:

• 3+ years’ experience in IT Operations
• 3+ years’ experience in Incident Response Operations, malware analysis
• Ability to assess security incidents promptly and effectively and communicate a course of action to respond to the security incident while mitigating risk and limiting impact
• Strong working knowledge of:
  • Platform Security Basics
  • Threat Lifecycle Management
  • Incident and Crisis Management
  • Static binary analysis techniques
  • Live malware analysis techniques
  • Disassembly and reverse engineering
• Preference for hands-on experience with Artificial Intelligence (AI) and Machine Learning (ML) techniques to enhance cybersecurity operations
• Preference for experience working with SentinelOne, ServiceNow Incident Response (SIR), Splunk ES and SOAR, AWS, Azure, Okta, O365, Sourcefire, Proofpoint,
• Advance knowledge of APT detection and mitigation
• Advanced knowledge of networking technologies and protocols, including Ethernet, TCP and IP routing, security architecture, and mobile technology
• Experience investigating targeted intrusions through complex network segments
• Familiar with DMAR, DKIM, SPF concepts
• Familiar with Azure/O365/Google Cloud integration
• Strong understanding of IDS/IPS signatures, content creation and signature characteristics including both signature and anomaly-based analysis and detection

Security Clearance Level:

• Ability to obtain and maintain a Public Trust clearance and successfully pass a thorough Government background screening process requiring the completion of detailed forms and fingerprinting
• This position has a U.S. residency requirement. The USPS security clearance process requires the selected candidate to have resided in the U.S. (including U.S. Territories) for the last five years as follows: U.S. Citizens cannot have left the U.S. (including U.S. Territories) for longer than 6 months consecutively in the last 3 years (unless they meet certain exceptions). Non-U.S. Citizens cannot have left the U.S. (including U.S. Territories) for longer than 90 days consecutively in the last 3 years.

Location:

• Morrisville, NC
• Falls Church, VA
• Eagan, MN
• Remote considered
• Hours
  • M-F 7:00am to 4:00pm

GDIT IS YOUR PLACE:

• 401K with company match
• Comprehensive health and wellness packages
• Internal mobility team dedicated to helping you own your career.
• Professional growth opportunities including paid education and certifications.
• Cutting-edge technology you can learn from
• Rest and recharge with paid vacation and holidays

#ThreatManagement #zxc726