GDIT is your place. Make it your own by discovering new ways to apply the latest technology securely and expertly. Own your opportunity at GDIT and you’ll be a meaningful part of improving how agencies operate. Our work depends on a experienced Cyber Defense Analyst’s joining our team to support our Client’s activities in the Annapolis Junction area.
At GDIT, we foster a people-centric environment. As a Cyber Defense Analyst supporting our client, you will be trusted to work on very centric and cutting-edge technology. In this role, a typical day will include but not limited to:
Use cyber defense tools to monitor, detect, analyze, categorize, and perform initial triage of anomalous activity
Generate cybersecurity cases (including event’s history, status, and potential impact for further action) and route as appropriate
Leverage knowledge of commonly used network protocols and detection methods to defend against related abuses
Apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation)
Perform advanced manual analysis to hunt previously unidentified threats
Conduct PCAP analysis
Identify cyber-attack phases based on knowledge of common attack vectors and network layers, models and protocols
Apply techniques for detecting host- and network-based intrusions
Working knowledge of enterprise-level network intrusion detection/prevention systems and firewall capabilities
Understand the foundations of a hardened windows network and what native services and protocols are subject to abuse (such as RDP, Kerberos, NTLM, WMI, and SMB)
Familiarity with fragmentation of network traffic and how to detect and evaluate fragmentation related attacks in raw packet captures
Conduct network – traffic, protocol and packet-level – and netflow analysis for anomalous values that may be security-relevant using appropriate tools (such as Wireshark, tshark, tcpdump)
Understand snort filters and how they are crafted and tuned to feed IDS alerting
Understand system and application security threats and vulnerabilities to include buffer overflow, SQL injection, race conditions, covert channel, replay and return-oriented attacks, malicious code and malicious scripting
Analyze malicious activity to determine weaknesses exploited, exploitation methods, effects on system and information
Perform event correlation using information gathered from a variety of sources within the enterprise to gain situational awareness and determine the effectiveness of an observed attack
Familiar with indications of Command and Control (C2) channels and what strategies attackers use to bypass enterprise defenses from a compromised host
WHAT YOU’LL NEED:
About Our Work
We are GDIT. The people supporting some of the most complex government, defense, and intelligence projects across the country. We deliver. Bringing the expertise needed to understand and advance critical missions. We transform. Shifting the ways clients invest in, integrate, and innovate technology solutions. We ensure today is safe and tomorrow is smarter. We are there. On the ground, beside our clients, in the lab, and everywhere in between. Offering the technology transformations, strategy, and mission services needed to get the job done.
GDIT does not have a vaccination mandate applicable to all employees. To protect the health and safety of its employees and to comply with customer requirements, however, GDIT may require employees in certain positions to be fully vaccinated against COVID-19. Vaccination requirements will depend on the status of the federal contractor mandate and customer site requirements.
GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.