SR Cyber Incident Responder

Clearance Level
None
Category
Cyber Security
Location
Washington, District of Columbia

REQ#: RQ105899

Travel Required: Less than 10%
Requisition Type: Pipeline

We are GDIT. We support and secure some of the most complex government, defense, and intelligence projects across the country. At GDIT, cyber security is not just a singular part of our mission—it connects every one of us because it’s embedded into every aspect of what we do.

GDIT is your place. You make it your own by bringing your ideas and unique perspective to our culture. By owning your opportunity at GDIT, you are helping us ensure today is safe and tomorrow is smarter.

At GDIT, people are our differentiator. As a Senior Cyber Incident Responder, you will be trusted to support work on a program involving cybersecurity activities to include security architecture design, security solution engineering, network forensics, penetration testing, threat detection and incident response, threat assessments and intelligence, identity control and access management, authority to operate, ISSO support, security operations and vulnerability management.

Position Overview

Performs forensic analysis of digital information and gathers and handles evidence. Monitors systems and networks for intrusions, proactively identifies security flaws and vulnerabilities, and then develops plans of action to remediate security issues. Performs data analysis and evidence collection and assesses and mitigates threats, both past, present, and future. May use programming skills to help reverse engineer malicious code and help create fixes for vulnerable applications or services on the network. Performs security audits, risk analysis, network forensics, and penetration testing in order to analyze, develop, and recommend courses of action.

Duties

  • Responsible for the full lifecycle of security incidents involving enterprise systems and data including personally identifiable information (PII) breaches
  • Manage and respond to computer security incidents through detection, investigation, analysis, remediation, and reporting of cybersecurity incidents in a timely manner with high quality
  • Help improve the overall security posture by gaining knowledge of the enterprise systems and ensuring the timely dissemination of security information to the appropriate stakeholders
  • Perform analysis of log files from a variety of sources (e.g., individual host logs, network traffic logs, firewall logs, and intrusion detection system [IDS] logs) to identify possible threats to network security
  • Respond to cyber incidents, including responding to IR phone calls and emails, preparing situational awareness reports, and escalating incidents as needed
  • Investigate phishing and other user self-identified potential cyber threats
  • Perform cyber defense incident triage, to include determining scope, urgency, and potential impact, identifying the specific vulnerability, and making recommendations that enable expeditious remediation
  • Correlate incident data to identify specific vulnerabilities and make recommendations
  • Ensure the integrity and protection of networks, systems, and applications by technically enforcing organizational security policies through monitoring of vulnerability scanning devices
  • Identify network computer intrusion evidence and perpetrators, and coordinate with other government agencies to record and report incidents
  • Conduct cyber trend analysis as well as malware analysis
  • Identify and analyze anomalies in network traffic using metadata
  • Collect intrusion artifacts (e.g., source code, malware, Trojans) and use discovered data to enable mitigation of potential cyber defense incidents within the enterprise
  • Track incidents thoroughly and communicate with end users and management effectively
  • Participate regularly in working group sessions, to include idea generation for new content rules for security alerting and reduction of false positives
  • Evaluate the current Computer Security Incident Response Capability (CSIRC) to ensure compliance with federal mandates for incident response and reporting
  • Maintain CSIRC specific Standard Operation Procedures and Incident Response Plans

Qualifications

  • Ten (10) years of computer information technology experience
  • Four (4) years of experience managing and responding to computer security incidents
  • Certification: CISSP (required)
  • Certified Incident Handler, Certified Intrusion Analyst, Certified Ethical Hacker, or similar certification (desired)
  • Bachelor's degree in Computer Science, Information Management (IM), Information Technology, Engineering, or equivalent
  • Knowledge of Agile methodologies and experience using agile to implement projects within a federal government environment
  • Experience managing personnel with diverse IT skills
  • Five (5) years of experience on a large government contract within the past ten years
  • PMP certification (desired)
  • ITIL 4 Foundation certification (desired)
  • Public Trust clearance capability with National Agency Check with Inquiries (NACI)

Keyword Search Strings

Labor security incident intrusion malicious penetration vulnerability Nessus

DOL security incident intrusion malicious penetration vulnerability Nessus

This position requires being fully vaccinated against COVID-19 by January 18, 2022 or the start date, if after January 18. Individuals who work in or reside in Texas or Montana or work outside of the United States may be excluded from this requirement.

We are GDIT. The people supporting some of the most complex government, defense, and intelligence projects across the country. We deliver. Bringing the expertise needed to understand and advance critical missions. We transform. Shifting the ways clients invest in, integrate, and innovate technology solutions. We ensure today is safe and tomorrow is smarter. We are there. On the ground, beside our clients, in the lab, and everywhere in between. Offering the technology transformations, strategy, and mission services needed to get the job done.

GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.