Senior Analyst, Security Operations Center CND Computer Incident Response Team, TS/SCI, Colorad
When it comes to Cyber, GDIT is looking for people with enthusiasm, curiosity, and a thirst for knowledge. Are you the person with the passion, intellect, and skills to learn the procedures and tools to become a rock-star cyber analyst? We are looking for people with a different kind of mind-set that includes strong intuition and the ability to think creatively and see the bigger picture while paying attention to the details. We are looking for people with the ability to learn new concepts and introduce new ideas that propel GDIT to the next level of cyber operational efficiency and help our customers reduce their exposure to cyber threats. We are looking for people with the ability to perform the procedures necessary to ensure the safety of information systems assets and to protect systems from intentional or inadvertent access or destruction. We need cyber analysts that can do all or most of these types of tasks:
- Find potential intrusions from seemingly benign audit logs or IDS alerts.
Create new techniques to compress time-intensive tasks into work that can be completed faster.
Evaluate and organize disparate sources of data to create a timeline of events and evaluate as a potential intrusion.
Catch the subtle cues of network traffic across the OSI stack to recognize and understand the meanings and implications of observed traffic.
Take apart a piece of malware to understand its attack vector and its most likely purpose.
Work with system owners to identify and correct misconfigurations.
Establish and grow relationships with other security operations centers, industry partners, and agencies to share best practices, tools and tippers.
Take on perspective of adversary and look at the structure of a network and supported mission to assess areas of exploitable vulnerabilities.
Perform Computer Security Incident Response activities for a large organization, coordinates with other government agencies to record and report incidents.
Monitor and analyze Intrusion Detection Systems (IDS) to identify security issues for remediation.
Recognize potential, successful, and unsuccessful intrusion attempts and compromises thorough reviews and analyses of relevant event detail and summary information.
Communicate alerts to agencies regarding intrusions and compromises to their network infrastructure, applications and operating systems.
Assist with implementation of counter-measures or mitigating controls.
Ensure the integrity and protection of networks, systems, and applications by technical enforcement of organizational security policies, through monitoring of vulnerability scanning devices.
Perform periodic and on-demand system audits and vulnerability assessments, including user accounts, application access, file system and external Web integrity scans to determine compliance.
Prepare incident reports of analysis methodology and results. Must be familiar with and able to read PCAP.
Provide guidance and work leadership to less-experienced technical staff members.
Maintain current knowledge of relevant technology as assigned.
Participate in special projects as required.
- 5-8 years of related experience in data security administration; or other cybersecurity knowledge domain experience.
- Position requires both DoD 8570 IAT-II and CNDSP Incident Responder Certifications.
- Requires TS/SCI
- Must be willing to obtain and maintain a CI POLY.