Sr Analyst, Info Security
- Responsible for system operations and maintenance (O&M), and security of the enterprise servers.
- Develops TTPs that address how the organization will ensure HBSS is fully operational in accordance with USCYBERCOM directives.
- Ensures all implemented patches, maintenance releases, version upgrades, and implemented tuning are integrated into the program baseline.
- Updates the HBSS agents, modules, signature files, and policy sets within 30 days of release/approval by CAB.
- Ensures Rogue System Detection sensors have coverage per USCYBERCOM direction and alerts are reviewed daily.
- Identifies and reports any implementation, configuration, resource and coverage gaps regarding the deployment and operation of HBSS.
- Operates HBSS on all assets in accordance with approved operating procedures. This includes monitoring HBSS operations and alert logs, notifying their chain of command in accordance with local incident handling procedures, and updating HBSS agents with appropriately approved HBSS policy set changes, programmatic updates, and patches.
- Ensures all assets are being monitored by HBSS, and coordinates with local support to install the HBSS agent if unable to install remotely.
- Serves as first level escalation point for HBSS-related tickets/issues.
- Works to identify root cause of HBSS-related incidents and provides a workaround, if applicable, to restore service.
- Assists with troubleshooting all escalated issues.
- Provides feedback to engineering on HBSS documentation and process improvements.
- Remediates all systems with missing or out of compliance modules and/or antivirus and HIPS definitions.
- Remediates Distributed Repository replication failures.
- Adds IP addresses to Trusted Networks for any vulnerability scanners in use by IAD.
- Implements appropriate blocking actions requested by USCYBERCOM in accordance with approved TTPs.
Must have the following experience:
2+ years' experience working with and a basic knowledge of Windows Server 2008 R2 and Windows Server 2012 R2 system administration
2+ years' experience and a general understanding of applying patches and updates to servers and workstations
1. Bachelor's Degree in Computer Science or a related technical discipline, or the equivalent combination of education, technical certifications or training, or work experience.
2. Must meet DoDI 8570.01-M Certification with a CND-SP or IASAE specialization required (GCIA, CEH, GCIH, GCFA, CASP)
3. ITIL v3 Certification preferred
5-8 years of related experience in data security administration.
As a trusted systems integrator for more than 50 years, General Dynamics Information Technology provides information technology (IT), systems engineering, professional services and simulation and training to customers in the defense, federal civilian government, health, homeland security, intelligence, state and local government and commercial sectors. With approximately 32,000 professionals worldwide, the company delivers IT enterprise solutions, manages large-scale, mission-critical IT programs and provides mission support services. GDIT is an Equal Opportunity/Affirmative Action Employer - Minorities/Females/Protected Veterans/Individuals with Disabilities.