Cyber Operations Specialist III (Enterprise Audit Log Aggregation)

Clearance Level
Top Secret/SCI
Cyber Security
Springfield, Virginia
Onsite Workplace
REQ#: RQ139532
Requisition Type: Regular
Your Impact

Own your opportunity to serve as a critical component of our nation’s safety and security. Make an impact by using your expertise to protect our country from threats.

Job Description

GDIT is your place. You make it your own by embracing autonomy, seizing opportunity, and being trusted to deliver your best every day. We think. We act. We deliver. There is no challenge we can't turn into opportunity. And our work depends on a TS/SCI-cleared Cyber Operations Specialist III (Enterprise Audit Log Aggregation) joining our team to support our Intelligence customer in Springfield, VA.

What You'll Get to Do:

  • Assign the Cybersecurity Operations Manager to direct and oversee all Contractor support for this service and its sub-services, and serve as the primary Contractor representative to the government CSOC Director for coordination, collaboration, planning, communication, status updates, and necessary approvals of all actions in support of this service
  • Provide all preventative and corrective maintenance to ensure consistent, reliable, and secure service availability. This includes all actions required to return the service to full operational capability such as vendor RMA processes, removal and proper disposal of broken equipment/software, installation and testing of new equipment/software, and configuration of new equipment/software
  • Perform day-to-day maintenance and specific scheduled maintenance activities that result from manufacturers' recommended service intervals, alerts, bulletins, available patches, and updates according to agency-approved change management processes. This includes maintaining updated documentation, change logs, and service bulletin libraries for all supported equipment and software in the CSOC knowledge management platform

More About the Role:

  • Execute emergency maintenance actions with sufficient urgency to preclude unacceptable outage durations, approved by the Government prior to execution, and coordinated through and approved by CSOC and ESC government management
  • Perform all development, engineering, testing, integration, and implementation actions necessary for major vendor revisions.
  • Perform continuous engineering assessments to improve the performance, effectiveness, coverage, and maturity of this service. These assessments are limited to improvements that can be achieved without the purchase of additional hardware or software
  • Retain documentation regarding loss of event logs (e.g. June 5-7th DNS logs were not ingested from SBU and are lost).
  • Perform all development, design, engineering, testing, integration, and implementation actions necessary to perform a full technology refresh every four years. This includes the removal and disposal of the legacy capability
  • Operate all assets assigned to this service within the Government Furnished Information - Software Tools list in accordance with vendor instructions, industry best practice, and government directives, policies, procedures, etc.
  • Configure all assets assigned to this service within the Government Furnished Information - Software Tools list in accordance with all Federal, DoD, IC, and NGA laws, directives, orders, policies, guidance, procedures, etc.
  • Utilize agency-approved ticketing systems to document, track, assign, update, and coordinate all engineering, integration, configuration, and maintenance actions
  • Ensure this service provides 100% coverage of all applicable customer enclaves, domains, information flows, and devices. Provide weekly reports to CSOC government leadership on any people, processes, or technology challenges preventing the achievement of 100% coverage
  • Use various monitoring, analysis, and visualization tools to track effectiveness, status, performance metrics, and other information as needed or required by CSOC government staff and contractors assigned Cybersecurity Operations Services and Cybersecurity Readiness Services
  • Provide input to the daily CSOC Significant Activity Report, the daily CSOC Operations Update, and the Weekly CSOC Status Report

You'll Bring These Qualifications:

  • TS/SCI clearance (current). Must be able to successfully pass and maintain a Government Polygraph (post-hire requirement).
  • Bachelor's degree and six (6) years of experience working in CSOS III, specifically with Audit Enterprise. Additional experience may be considered in lieu of a degree.
  • DoD 8570 IAT Level II certification
  • DoD 8570 CSSP Analyst certification

These Qualifications Would Be Nice to Have

  • IAT III Certification
  • Master's Degree
Travel Required: None
About Our Work

We are GDIT. The people supporting some of the most complex government, defense, and intelligence projects across the country. We deliver. Bringing the expertise needed to understand and advance critical missions. We transform. Shifting the ways clients invest in, integrate, and innovate technology solutions. We ensure today is safe and tomorrow is smarter. We are there. On the ground, beside our clients, in the lab, and everywhere in between. Offering the technology transformations, strategy, and mission services needed to get the job done.

COVID-19 Vaccination

GDIT does not have a vaccination mandate applicable to all employees. To protect the health and safety of its employees and to comply with customer requirements, however, GDIT may require employees in certain positions to be fully vaccinated against COVID-19. Vaccination requirements will depend on the status of the federal contractor mandate and customer site requirements.

GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.