Cybersecurity Indications and Warning Specialist

Clearance Level
Top Secret/SCI
Category
Information Security
Location
San Antonio, Texas
Onsite Workplace
Key Skills For Success

Cybersecurity

Security Information and Event Management (SIEM)

Security Monitoring

REQ#: RQ172287
Requisition Type: Regular
Your Impact

Own your opportunity to work with the largest government agency in the nation. Make an impact by advancing the Department of Defense’s mission to keep our country safe and secure.

Job Description

HOW A CYBERSECURITY INDICATIONS AND WARNING SPECIALIST WILL MAKE AN IMPACT:

  • Monitor for security breaches and investigate security issues until resolution 

  • Ensure the secure operation of computer systems, servers, and network connections. 

  • Monitor server logs, firewall logs, intrusion detection log and network traffic for unusual or suspicious activity 

  • Lead security configuration determinations and participate in implementation of upgrades and changes as necessary. 

  • Work with internal and external auditors to prepare documentation for audits and exams, and work with IT management to address open audit and exam findings. 

  • Serve as an information security point of contact in disaster recovery procedures and other measures required in the event of a security breach. 

  • Report metrics to ensure accurate reporting of the cyber environment. 

PREFERRED EXPERIENCE: 

  • Splunk and Tanium

  • LogRhythm Security Incident and Event Management (SIEM)  

  • Endpoint Detection and Response (EDR) 

  • An understanding of the MITRE ATT&CK Framework, stages of an attack and sub-techniques. 

  • MacAfee ePO HBSS 

  • Day-to-day operational processes such as security monitoring, data correlation, troubleshooting, security operations, digital forensics, and incident response. 

HOURS OF OPERATION:

  • Current customer hours of operation are 0600-2200 Monday through Friday.

  • Customer hours of operation may change to 24/7 at some point in the future.

WHAT YOU’LL NEED TO SUCCEED:

  • Minimum 3 years’ experience as Incident Handler/Threat Hunter.

  • DoD 8570 IAT Level II certification level and CSSP-Analyst certification (i.e. CEH, CFR CCNA Cyber Ops, CCNA-Security, CySA+, GCIA, GCIH, GICSP, Cloud+, SCYBER, PenTest+).

  • TS/SCI Clearance.

GDIT IS YOUR PLACE:

  • 401K with company match.

  • Comprehensive health and wellness packages.

  • Internal mobility team dedicated to helping you own your career.

  • Professional growth opportunities including paid education and certifications.

  • Cutting-edge technology you can learn from.

  • Rest and recharge with paid vacation and holidays.

#AFOpportunities

#GDITPriority

Work Requirements
Years of Experience

3 + years of related experience

* may vary based on technical training, certification(s), or degree

Certification

CompTIA - Security+ CE - CompTIA

Travel Required

Less than 10%

Citizenship

U.S. Citizenship Required

About Our Work

We are GDIT. A global technology and professional services company that delivers consulting, technology and mission services to every major agency across the U.S. government, defense and intelligence community. Our 30,000 experts extract the power of technology to create immediate value and deliver solutions at the edge of innovation. We operate across 30 countries worldwide, offering leading capabilities in digital modernization, AI/ML, Cloud, Cyber and application development. Together with our clients, we strive to create a safer, smarter world by harnessing the power of deep expertise and advanced technology.

GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.