Cybersecurity Engineer

We are GDIT. We support and secure some of the most complex government, defense, and intelligence projects across the country. At GDIT, cyber security is not just a singular part of our mission—it connects every one of us because it’s embedded into every aspect of what we do. 

GDIT’s Technology Shared Services (TSS) is your place! You make it your own by bringing your ideas and unique perspective to our culture. By owning your opportunity at GDIT, you are helping us ensure today is safe and tomorrow is smarter.

At GDIT, people are our differentiators. As a Cybersecurity Engineer supporting the Dept. of Education, you will be trusted to design and develop new systems, applications, and solutions for GDIT’s external customer's enterprise-wide cyber systems and networks.

MEANINGFUL WORK AND PERSONAL IMPACT
As a Cybersecurity Engineer, the work you’ll do at GDIT will be impactful to the mission of the Department of Education. You will play a crucial role via the following responsibilities:

• Development and testing of security solution implementations
• Response and investigation for reported security vulnerabilities and incidents
• Involvement in the SDLC through design, development, testing, and implementation phases
• Develop and document complex correlation logic and behavioral detection signatures (e.g., in SPL or KQL) to be submitted to the SIEM administration team for implementation.
• Involvement in unique research/discovery projects
• Conduct regular "end-to-end" testing of existing SIEM alerts to ensure that border and endpoint telemetry is correctly triggering expected alerts
• Identify visibility gaps in the current SIEM ingestion and build technical justifications/requirements for the SIEM owners to onboard new log sources.
• Development of security policies, processes, standards, and roadmaps
• Implementation of comprehensive security controls consistent with risk
• Development of scripting and basic programming
• Management of application deployment and security architecture
• Involvement with subject area tools and technologies
• Monitoring and reporting on call volumes, alarm responses, and incident reports to ensure appropriate levels of service are met
• Support of annual updates of the incident response concept of operations document
• Support of annual incident response tabletop exercises
• Membership in a 24x7x365 team delivering real time proactive monitoring and maintenance of supported security tools and associated rules and signatures
• Identification and response to incidents to prevent or limit damage to assets, and report incidents
• Detection and analysis of incidents and coordination activities with other stakeholders for containment, eradication, and recovery from incidents
• Development of advanced analytics and countermeasures to protect critical assets
• Support for the production and maintenance standard operational processes and procedures and playbooks for use by all shift personnel
• Support for enterprise-wide management of security incidents, managed network space, to detect, respond, and report all computer related incidents that includes daily
• Monitoring of information systems, vulnerability remediation, intrusion detection, log reviews, and malware tracking
• Assessment, identification, and remediation for issues of the individuals and/or systems affected
• Coordination of the development of reports from the SIEM, NIDS, and HIDS
• Staying up to date with current attack methods and characteristics in order to identify threats and advise on prevention, mitigation and remediation
• Performance of other tasks consistent with the goals and objectives of the department/contract

WHAT YOU’LL NEED TO SUCCEED
Bring your cyber expertise and drive for innovation to GDIT.

The Cybersecurity Engineer MUST have:
 

• Bachelor of Arts/Bachelor of Science or equivalent experience

• 2 or more years of related experience

• ITIL v4/v5 Foundation or CompTIA Security+ certification(s) or an ability to obtain one within 90 days of hire

• An ability to obtain and maintain a Public Trust

• Louisiana Residency; living within a commutable distance (approximately 60 mile radius) of the Bossier City facility

• U.S. Citizenship

Required Skills:

• Experience with Incident Response Team (IR/IRT) troubleshooting, root cause analysis, and remediation verification
• Knowledge of Identity Management - ICAM/IDAM and authorization, least privilege, and reducing unauthorized elevated access
• Firewall understanding to include basic networking, sub-netting, IDS, NAT, and ACL's
• Exposure to Penetration Test Response and Remediation
• Understanding of Configuration Management - STIG/SCAP compliance baselines for Windows, Mac, Linux
• Network Security and SIEM tool experience (Splunk, et al.)
• Working knowledge of Nessus
• Understanding of continuous integration / continuous delivery (CI/CD) and DevSecOps
• Experience writing threat reports and other management level communications
• Ability to prepare and provide a daily security briefing to customers
• Ability to support a flexible work schedule and handle on-call duties when required
• Ability to learn the following technologies: Palo Alto, Tenable, ServiceNow (ticketing and reporting), Linux, Windows, and Active Directory

GDIT IS YOUR PLACE
At GDIT, the mission is our purpose, and our people are at the center of everything we do.
 

● Growth: AI-powered career tool that identifies career steps and learning opportunities
● Support: An internal mobility team focused on helping you achieve your career goals
● Rewards: Comprehensive benefits and wellness packages, 401K with company match, and competitive pay and paid time off
● Flexibility: Full-flex work week to own your priorities at work and at home
● Community: Award-winning culture of innovation and a military-friendly workplace

OWN YOUR OPPORTUNITY
Explore a career in cyber at GDIT and you’ll find endless opportunities to grow alongside colleagues who share your focus on defending and protecting what matters.