Cyber Operations Specialist lll (Enterprise Audit Log Aggregation)

GDIT is your place. You make it your own by embracing autonomy, seizing opportunity, and being trusted to deliver your best every day. We think. We act. We deliver. There is no challenge we can't turn into opportunity. And our work depends on TS/SCI level cleared Cyber Operations Specialist lll (Enterprise Audit Log Aggregation) joining our team to support our Intelligence customer in Springfield, VA.

What You'll Get to Do:

• Assign the Cybersecurity Operations Manager to direct and oversee all Contractor support for this service and it's sub-services, and serve as the primary Contractor representative to the government CSOC Director for coordination, collaboration, planning, communication, status updates, and necessary approvals of all actions in support of this service
• Provide all preventative and corrective maintenance to ensure consistent, reliable, and secure service availability. This includes all actions required to return the service to full operational capability such as vendor RMA processes, removal and proper disposal of broken equipment/software, installation and testing of new equipment/software, and configuration of new equipment/software;
• Perform day-to-day maintenance, and specific scheduled maintenance activities that result from manufacturers recommended service intervals, alerts, bulletins, available patches, and updates according to agency approved change management processes. This includes maintaining updated documentation, change logs, and service bulletin libraries for all supported equipment and software in the CSOC knowledge management platform

More About the Role:

• Execute emergency maintenance actions with sufficient urgency to preclude unacceptable outage durations, approved by the Government prior to execution, and coordinated through and approved by CSOC and ESC government management
• Perform all development, engineering, testing, integration, and implementation actions necessary for major vendor revisions.
• Perform continuous engineering assessments to improve the performance, effectiveness, coverage, and maturity of this service. These assessments are limited to improvements that can be achieved without the purchase of additional hardware or software
• Retain documentation regarding loss of event logs (e.g. June 5-7th DNS logs were not ingested from SBU and are lost).
• Perform all development, design, engineering, testing, integration, and implementation actions necessary to perform a full technology refresh every four years. This includes the removal and disposal of the legacy capability
• Operate all assets assigned to this service within the Government Furnished Information - Software Tools list in accordance with vendor instructions, industry best practice, and government directives, polices, procedures, etc
• Configure all assets assigned to this service within the Government Furnished Information - Software Tools list in accordance with all Federal, DoD, IC, and NGA laws, directives, orders, polices, guidance, procedures etc.
• Utilize agency approved ticketing systems to document, track, assign, update, and coordinate all engineering, integration, configuration, and maintenance actions
• Ensure this service provides 100% coverage of all applicable customer enclaves, domains, information flows, and devices.  Provide weekly reports to CSOC government leadership on any people, processes, or technology challenges preventing the achievement of 100% coverage
• Use various monitoring, analysis, and visualization tools to track effectiveness, status, performance metrics, and other information as needed or required by CSOC government staff and contractors assigned Cybersecurity Operations Services and Cybersecurity Readiness Services
• Provide input to the daily CSOC Significant Activity Report, the daily CSOC Operations Update, and the Weekly CSOC Status Report

You'll Bring These Qualifications:

• TS/SCI clearance (current). Must be able to successfully pass and maintain a Government Polygraph (post-hire requirement).
• Bachelors Degree and Six (6) years of experience working in CSOS III, specifically with Audit Enterprise. Additional experience may be considered in lieu of a degree.
• DoD 8570 IAT Level II certification
• DoD 8570 CSSP Analyst certification

These Qualifications Would Be Nice to Have

• IAT III Certification
• Master's Degree