Information Security Associate Analyst
Cyber Incident Management Analyst

The Cyber Incident Management Analyst processes cybersecurity-related incidents according to documented procedures and escalates to management as necessary within the Cyber Incident Management Center. The Cyber Incident Management Analyst will process incidents such as system compromise, website defacement, malicious code infection, and lost or stolen hardware. The Cyber Incident Management Center operates 24/7/365 and occasional shift work is required. The ideal candidate will have earned a bachelor's degree in a technical field and have 3 years of help desk or other technical support experience.

Responsibilities:
Support, escalate, and document cyber event reports
Provide cyber event handling functions for cybersecurity events including, but not limited to: intrusion detection, malware infections, denial-of-service attacks, privileged account misuse, classified spillage, and other network breaches
Take appropriate action on data obtained through customer reporting, open source research, and enterprise security tools

Preferred Background:
Bachelor's degree in computer science, computer engineering, cybersecurity, information technology, or related subject matter, or equivalent professional experience
Previous work or internship experience required within the following areas: Information Security, Network/data center operations, Systems Administration
Currently holding a DOE Q-level or Top Secret security clearance
Currently holding Security+, GCIA, GCIH, or CEH certifications
Strong oral and written communication skills
Working knowledge of networking technology and protocols
Hands-on experience in troubleshooting network devices
Hands-on experience with Windows and/or Linux operating systems as an administrative user

Technical Requirements:
Understanding of TCP/IP networking including knowledge of protocols and services
Capable of interpreting packet captures and/or netflow data
Administrator level knowledge of OS basics
Understanding of Intrusion Detection and Prevention from both the network and host levels
Understanding of intrusion detection/protection systems (Snort, Bro, FireEye, Argus, SiLK, etc.) and tools (tcpdump, Wireshark, nmap, etc.)
Understanding of network, desktop and server technologies, and other security related technologies such as Intrusion Detection Systems and Intrusion Protection Systems

General Requirements:
Strong oral and written communication skills
Ability to effectively communicate and translate highly technical information in a professional manner at all levels, including to high-ranking executives
Ability to follow Standard Operating Procedures accurately and efficiently
Aptitude for learning, self-directed, and capable of working in a fast-paced operations environment
1 - 3 years of experience in a large IT enterprise or Government environment
Perform shift work in 24/7/365 environment
Ability to obtain and maintain a DOE Q-level clearance
Obtain Security+ within 6 months and/or maintain active Security+ certification status

Education:
Bachelor's Degree in Computer Science or a related technical discipline, or the equivalent combination of education, professional training or work experience.

Qualifications:
0-2 years of related experience in cyber security.

As a trusted systems integrator for more than 50 years, General Dynamics Information Technology provides information technology (IT), systems engineering, professional services and simulation and training to customers in the defense, federal civilian government, health, homeland security, intelligence, state and local government and commercial sectors. With approximately 32,000 professionals worldwide, the company delivers IT enterprise solutions, manages large-scale, mission-critical IT programs and provides mission support services.

GDIT is an Equal Opportunity/Affirmative Action Employer - Minorities/Females/Protected Veterans/Individuals with Disabilities.