Provide oversight for the CIRT Analyst team and coordinate all 24x7x365 team activities, to include tasking, scheduling, training, and overall management to meet Sponsor requirements.
Perform Tier 3 Computer Security Incident Response activities for a large organization and coordinate with other government agencies to record and report incidents.
Monitor and analyze Intrusion Detection Systems (IDS) to identify security issues for remediation.
Recognize potential, successful, and unsuccessful intrusion attempts and compromises through reviews and analyses of relevant event detail and summary information.
Evaluate change requests and assess organizational risk.
Communicate alerts to agencies regarding intrusions and compromises to their network infrastructure, applications and operating systems.
Assist with implementation of counter-measures or mitigating controls.
Ensure the integrity and protection of networks, systems, and applications by technical enforcement of organizational security policies, through monitoring of vulnerability scanning devices.
Perform periodic and on-demand system audits and vulnerability assessments, including user accounts, application access, file system and external Web integrity scans to determine compliance.
Prepare incident reports of analysis methodology and results.
Maintain current knowledge of relevant technology as assigned.
Participate in special projects as required.
- Bachelor's degree in Computer Science or a related technical discipline, or the equivalent combination of education, professional training or work experience.
- Security-related certification(s) desired (e.g., CISSP, CEH, SANS GSEC)
Required Skills & Experience:
- 10-15 years of related experience in data security administration
- Minimum of 5 years progressively responsible experience in cyber security, InfoSec, security engineering, network engineering, with emphasis in cyber security issues and operations, computer incident response, systems architecture, or data management
- Strong analytical and problem-solving skills
Desired Skills & Experience:
- Experience with HP's ArcSight SIEM
- Experience with Splunk
- Experience with an industry-leading endpoint detection and response tool such as Carbon Black, EnCase Cybersecurity, or Tanium
- Experience with intrusion prevention systems such as McAfee Network Security Manager, Sourcefire SNORT, or Palo Alto Wildfire
- Experience with a case management tool such as JIRA or ServiceNow
As a trusted systems integrator for more than 50 years, General Dynamics Information Technology provides information technology (IT), systems engineering, professional services and simulation and training to customers in the defense, federal civilian government, health, homeland security, intelligence, state and local government and commercial sectors. With approximately 32,000 professionals worldwide, the company delivers IT enterprise solutions, manages large-scale, mission-critical IT programs and provides mission support services. GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.