Incident Response Support Specialist (TopSecret required) - Andrews AFB, MD

Clearance Level
Top Secret
Cyber Security
Andrews AFB, Maryland

REQ#: RQ116835

Travel Required: Less than 10%
Public Trust: None
Requisition Type: Regular

We are GDIT. We stay at the forefront of innovation to solve complex technical challenges. GDIT is your place. Make it your own by discovering new ways to securely and expertly apply the latest technology. Own your opportunity at GDIT and you’ll be a meaningful part of improving how agencies operate.

GDIT is looking for an Incident Response Support Specialist at Andrews Air Force Base in Camp Springs, Maryland.

The 89th Airlift Wing (89th AW) is one of 17 Air Force active duty wings assigned to Air Mobility Command (AMC) and is a tenant unit based at Joint Base Andrews, Maryland. The 89th AW provides global Special Air Mission airlift, logistics, aerial port and communications for the president, vice president, cabinet members, combatant commanders and other senior military and elected leaders as tasked by the White House, Air Force chief of staff and AMC.

EACN consists of operational network equipment known as A2G2s that provides/supports access to the DOD GIG for US Senior Leaders to access voice, video and data services while airborne. EACN consists of the following equipment: Cisco routers, Cisco switches, Cisco Unified Call Manager (UCM), Sonus VX appliances, High Assurance Internet Protocol Encryption (HAIPE) Inline Network Encryptor (INE), SkyX, Cisco WAAS data accelerators, McAfee firewalls, Juniper VPN appliance, Sourcefire network defense sensors, VMWare servers, CommVault, and Storage Area Network (SAN). EACN consists of the following network applications and software: AF Standard Desktop Configuration (SDC) v3. 5 and higher, MS Active Directory 2012, MS Server 2012, MS SQL 2012, MS Office, MS Visio, Red Hat Enterprise Linux, SolarWinds Orion, CommVault, Remedy Action Request System (ARS) service management, Sonus VX Watch, Sonus VX Builder, Sonus VX Gate, Putty, Windows Server Update Services (WSUS), Cisco Access Control Server (ACS), Cisco Unified Communications Manager (UCM), Cisco Unified Border Element (CUBE), Cisco VPN software and configuration, Cisco Unified Communications Services (UCS), KLAS Voyager Executive Communications Kit (ECK), Cisco 2901 Voice Telephone and System, Cisco 2901 IOS, Symantec/McAfee Antivirus, Host Based Security System (HBSS), Assured Compliance Assessment Solution (ACAS), WinSCP, and Wireshark.

What you'll be doing:

  • Identify, diagnose, mitigate, and report any service interruptions, including mitigation of identified cyber incidents/ vulnerabilities/ network attacks (as described in AFI 17-203, Cyber Incident Handling) within the Executive Airlift environment using ITSM tools.

  • Drive resolution, coordinate with internal and external teams to identify the root cause, restore service with workarounds if necessary, and communicate status to affected stakeholders throughout and following the incident.

  • Utilize Incident Response Plan and document the details of the event in the Incident Report (008) in order to optimize response actions.

  • Leverage’s knowledge and best practice experience to identify and champion recommendations for improvements opportunities within the specific process area.

  • Monitors processes within the environment and throughout the ITSM process life cycle; validates adherence to specified process requirements and measurement activities.

  • Provide daily ticket reviews, updates, and reports.

  • Possess Certified Ethical Hacker (CEH), GIAP Incident Response Handler.


  • BA/BS in related field and 2 years' experience; or total of 6 years' experience or equivalent

  • Active DOD TOP SECRET Clearance

  • Onsite Andrews AFB, in Maryland


  • Possess CompTIA IAT Level II (Security+CE or higher) certification

  • Possess Certified Ethical Hacker (CEH), GIAP Incident Response Handler.

  • MCP/MCSE (role base certification)

  • CCNP, CCIE, or CISSP or any higher certification

  • ITIL Foundations Certification (within 6 months) with related expertise or equivalent experience

  • Uses data collected from a variety of cyber defense tools (e.g., IDS alerts, firewalls, network traffic logs) to analyze events that occur within their environments for the purposes of mitigating threats

  • Interprets, analyzes, and reports all events and anomalies in accordance with computer network directives, including initiating, responding, and reporting discovered events


  • Full-flex work week

  • 401K with company match

  • Internal mobility team dedicated to helping you own your career

  • Collaborative teams of highly motivated critical thinkers and innovators

  • Ability to make a real impact on the world around you

#defense #EACN #topsecret #AndrewsAFB #maryland #A2G2 #SolarWinds #skyX #INE #AEFs #opportunityowned #AFOpportunities #kmp #incidentresponse #support #specialist #cybersecurity #analyst

About Our Work

We are GDIT. The people supporting some of the most complex government, defense, and intelligence projects across the country. We deliver. Bringing the expertise needed to understand and advance critical missions. We transform. Shifting the ways clients invest in, integrate, and innovate technology solutions. We ensure today is safe and tomorrow is smarter. We are there. On the ground, beside our clients, in the lab, and everywhere in between. Offering the technology transformations, strategy, and mission services needed to get the job done.

COVID-19 Vaccination

GDIT does not have a vaccination mandate applicable to all employees. To protect the health and safety of its employees and to comply with customer requirements, however, GDIT may require employees in certain positions to be fully vaccinated against COVID-19. Vaccination requirements will depend on the status of the federal contractor mandate and customer site requirements.

GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.