Network Based Computer Intrusion AnalystResponds to crises or urgent situations within the pertinent domain to mitigate immediate and potential threats. Uses mitigation, preparedness, and response and recovery approaches, as needed, to maximize survival of life, preservation of property, and information security. Investigates and analyzes all relevant response activities. Investigates, analyzes, and responds to cyber incidents within the network environment or enclave.Provide knowledge in computer and network forensics.Develops, researches and maintains proficiency in tools, techniques, countermeasures, and trend in computer and network vulnerabilities, data hiding, and encryption.Identifies, deters, monitors, and investigates computer and network intrusions.Monitors external data sources (eg, Computer Network Defense vendor sites, Computer Emergency Response Teams, SANS, Security Focus) to maintain currency of Computer Network Defense threat conditions.Performs analysis of log files from a variety of sources (eg, network traffic logs, firewall logs, intrusion detection system logs, DNS logs) to identify possible threats to network security.Collects network intrusion artifacts (eg, domains, URI's, certificates, etc.) and use discovered data to enable mitigation of potential Computer Network Defense incidents.Provides computer forensic support to high technology investigations in the form of evidence seizure, computer forensic analysis, and data recovery.Uses current hashing algorithms to validate forensic images; diagrams networks and images servers to support digital forensics operationsUtilizes a variety of industry standard tools and techniques to collect a system's current state data and catalog, document, extract, collect, and preserve informationUses dynamic analysis to identify network intrusions and network monitoring tools to capture real-time traffic spawned by any running malicious code; identifies internet activity that is triggered by malware; identifies network/host-based characteristics and assists in drafting recommendations to mitigate malware effectsProvides real-time incident handling tasks as part of an incident response teamUtilizes various government and commercial resources to research known malware, define its characteristics, and report findings and mitigation recommendations to appropriate personnelUses prescribed methods and materials to provide basic incident response and/or technical assistance to situational response teams (eg, scanning digital media for viruses)Follows and understands the proper procedures to preserve chain of custody for legal reviewAble to deploy to DHS customers in the field throughout the US states and territories with a 12 hour notice; surge support is requiredAdditional Requirements:This position could possibly be designated as critical to agency operations and may be required to be deployed as part of an Emergency Relocation Group (ERG) in conjunction with COOP deployment or emergency activation team.Active Top Secret Security Clearance with SCI eligibility is required. In addition, must be able to obtain and maintain a favorably adjudicated DHS background investigation for continued employment5-10 years of related experience in data security administration.As a trusted systems integrator for more than 50 years, General Dynamics Information Technology provides information technology (IT), systems engineering, professional services and simulation and training to customers in the defense, federal civilian government, health, homeland security, intelligence, state and local government and commercial sectors.With approximately 32,000 professionals worldwide, the company delivers IT enterprise solutions, manages large-scale, mission-critical IT programs and provides mission support services.GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.WIIS14