Computer Network Defense (CND) Detect / Incident Response - Secret - Mons, Belgium

Location: Mons
Posted: Jul 18, 2017
Closes: Aug 26, 2017
Hours: Full Time

Detect - Mission Statement: Uses defensive measures and information collected from a variety of sources to identify, analyze, and report events that occur or might occur within the network in order to protect information, information systems, and networks from threats.

Respond - Mission Statement: Responds to crisis or urgent situations within the pertinent domain to mitigate immediate and potential threats. Uses mitigation, preparedness, and response and recovery approaches, as needed, to maximize survival of life, preservation of property, and information security. Investigates and analyzes all relevant response activities.

Detect

- Monitor Splunk for Alerts
- Monitor HBSS
- Monitor Fidelis
- Monitor IDS
- Monitor FW Logs and FW Blocks
- Develop Indicators for detections using Splunk, Fidelis, etc.
- Monitor Network Flows
- Review Device Logs
- Monitor DCO and Cybercom chat rooms for new indicators
- Initial Triage for Detected Incidents
- Daily Status report for Open Incidents
- Maintain Daily Operations Log for Incident Detection
- Should have a good understanding of how to build dashboards and custom queries in, but not limited to, HBSS, ACAS, Fidelis, and IDS systems

Incident Response

- Manage Incidents from Detect team and complete all actions.
- Work with Program Office Divisions (and other units as needed) to remediate incidents, acquire the 5 W's, and ensure the incident has been rectified and documented appropriately in accordance with approved Standard Operating Procedures.
- Work with the Information Assurance Team, Security manager and GOVT ISSM to ensure any Data Spills are handled appropriately. Manage the Data Spill Process, working with external agencies as required to ensure cleanup and mitigation is accomplished within required times as set out by government.
- Assist in the development of incident response documentation and SOPs.
- Produce AAR for all closed Incidents.
- Remotely access machines to remove unauthorized software, malware eradication…

The work is typically performed in an office environment, which requires normal safety precautions; work may require some physical effort in the handling of light materials, boxes or equipment.

The above job description is not intended to be, nor should it be construed as, exhaustive of all responsibilities, skills, efforts, or working conditions associated with this job.

Requests for reasonable accommodations will be considered to enable individuals with disabilities to perform the principal (essential) functions of this job.

GDIT is an Equal Opportunity/Affirmative Action Employer - Minorities/Females/Protected Veterans/Individuals with Disabilities.

Education

1. Bachelor's Degree in Computer Science, Cybersecurity, Engineering or a related technical discipline, or the equivalent combination of education, technical training, or work/military experience.

2. 8-10 years of related Computer Network Defense (CND) experience.

3. Must have or be able to obtain within 6 months of hire the appropriate DoD 8570.01-M / DoDD 8140 certification for Cyber Security Service Provider (CSSP) Infrastructure Support.

4. Must complete DISA HBSS 201, 301, and 501 training within 30 days of starting.

5. Must complete DISA ACAS v5.x training within 30 days of starting.

Qualifications

1. Experience with Cybersecurity, engineering, or security vulnerability remediation

2. Knowledge of Cybersecurity technical assessments, standards, tools, and processes
3. Ability to perform technical assessments and communicate results

4. Experience with documenting incidents and developing remediations, analyzing security risks and threats, conducting vulnerability assessments and implementing mitigations, conducting penetration testing, deploying and monitoring security measures, handling certification and authorization activities and processes, including RMF, and developing architectures

5. Knowledge of Cybersecurity methodologies

6. Ability to communicate security issues to program leadership and analyze and implement security policies and procedures.

As a trusted systems integrator for more than 50 years, General Dynamics Information Technology provides information technology (IT), systems engineering, professional services and simulation and training to customers in the defense, federal civilian government, health, homeland security, intelligence, state and local government and commercial sectors. With approximately 32,000 professionals worldwide, the company delivers IT enterprise solutions, manages large-scale, mission-critical IT programs and provides mission support services.