GDIT is looking to hire a Cybersecurity Monitoring Analyst. This person provides Cybersecurity monitoring and incident response to a Cabinet level federal agency. Conducts network monitoring and incident response supporting the client 24x7x365 operations. Contributes to a team of information assurance professionals working with Intrusion Detection Systems (IDS) software and hardware, analyzing IDS data, writing reports, briefing event details to leadership, and coordinating remediation with personnel throughout the globe. This position supports the Department of State's Cyber Incident Response Team (CIRT) in providing continuous monitoring and ticket processing for a structured incident response process.
Significant experience managing cases with enterprise SIEM systems like Splunk
Experience and solid understanding of the following technologies:
Endpoint security products
Email security products for Exchange, like IronPort
Expertise with one or more of the following tools:
RSA Security Analytics,
Wireshark or other information security tools.
Expertise with deep packet and log analysis
Ability to create IDS/IPS content
Lead SOC analysis activity as necessary
Expert ability to recognize potential, successful and unsuccessful intrusion attempts and compromises through reviews and analyses of relevant event detail and summary information
Expertise leveraging situational awareness reports for advanced threats such as Advanced Persistent Threat (APT) and Focused Operations (FO) incidents.
Be able to author Standard Operating Procedures (SOPs) and training documentation when needed.
Expert understanding of network protocols and packet analysis tools.
Deep understanding of Windows and Linux operating system network behavior
Familiarity with basic Forensics and Malware Analysis
The ability to take lead on incident research when appropriate and be able to mentor junior analysts.
Provides correlation and trending of cyber incident activity.
Understand concepts of identifying anomalous behaviors
Willingness to mentor and teach junior and mid-level analysts
Communicate up, down, and across all levels of the organization and technical backgrounds
Be able to provide timely and relevant security reports as necessary
One or more certifications, including but not limited to: GCIH, GCIA, GCFE, GREM, GCFA, GSEC, CEH, CISSP, CCNA (Security) or equivalent.
Senior: 4+ years monitoring and detection
Active Secret Clearance
We are GDIT. The people supporting some of the most complex government, defense, and intelligence projects across the country. We deliver. Bringing the expertise needed to understand and advance critical missions. We transform. Shifting the ways clients invest in, integrate, and innovate technology solutions. We ensure today is safe and tomorrow is smarter. We are there. On the ground, beside our clients, in the lab, and everywhere in between. Offering the technology transformations, strategy, and mission services needed to get the job done.
GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.