Req ID: RQ205235
Type of Requisition: Regular
Clearance Level Must Be Able to Obtain: Top Secret/SCI
Public Trust/Other Required: None
Job Family: Information Security
Skills:
Cybersecurity,Security Software,Security Tools
Certifications:
CompTIA Security+ CE | CompTIA - CompTIA
Experience:
5 + years of related experience
US Citizenship Required:
Yes
Job Description:
Transform technology into opportunity as a Cybersecurity Systems Administrator - Lead with GDIT. A career in enterprise IT means connecting and enhancing the systems that matter most. At GDIT you'll be at the forefront of innovation and play a meaningful part in improving how agencies operate.
At GDIT, people are our differentiators. As a Cybersecurity Systems Administrator - Lead , you will help ensure today is safe and tomorrow is smarter. Our work depends on a Cybersecurity Systems Administrator - Lead joining our team to provide cyber technical support for the Cyber Security Operations Center (CSOC).
HOW AN INFORMATION SECURITY ANALYST ADVISOR WILL MAKE AN IMPACT:
Support will consist of configuring, tuning, optimizing, and maintaining critical security infrastructure to safeguard the organization's digital assets against evolving cyber threats.
You'll be responsible for overseeing the operation and maintenance of essential cybersecurity systems, including Security Information and Event Management (SIEM) technologies, Endpoint Detection Response (EDR) systems, network access control policies, and Security Orchestration, Automation, and Response (SOAR) platforms.
WHAT YOU'LL NEED TO SUCCEED:
Education: Bachelor's degree in information systems, Computer Science, Computer Engineering, Cybersecurity or another related field. Relevant work experience may be considered in lieu of a degree.
Certification(s) Applicable DoD 8140 or DoD 8570 Certification
Required Experience: 5+ plus years' experience in cybersecurity administration, with a focus on configuring and managing SIEM, EDR, network access control, and SOAR platforms and other related security technologies
Required Technical Skills:
Proficiency in Linux environments, including system administration tasks and shell scripting for automation and customization.
Solid understanding of cybersecurity principles, threat landscapes, and best practices for configuring and tuning security tools.
Strong analytical skills and attention to detail, with the ability to troubleshoot complex technical issues and optimize system performance.
Excellent communication and collaboration skills, with the ability to interact effectively with technical and non-technical stakeholders.
Demonstrated ability to work independently, prioritize tasks, and meet deadlines in a dynamic and fast-paced environment.
Required Skills and Abilities:
Configuration and Optimization:
Collaborate with cybersecurity stakeholders to define and implement effective configurations for SIEM, EDR, NAC and other cybersecurity detection and remediation solutions.
Customize and optimize alert rules, correlation searches, and detection mechanisms within SIEM to align with security requirements and organizational objectives.
Deploy new SIEM instances including clustered deployments and apps.
Fine-tune EDR policies, rulesets, and scanning parameters to enhance endpoint visibility and threat detection capabilities.
Configure network access control policies to enforce security posture and mitigate risks associated with unauthorized devices.
Ability to support Linux environment, editing and maintaining Splunk configuration files and apps.
Work with other Cybersecurity Engineering team members and will be required to interact with end users to gather requirements, perform troubleshooting, and aid with the creation of Splunk search queries and dashboards.
Integrate cyber tools with a variety of legacy data sources.
Maintenance and Support:
Conduct routine maintenance tasks, such as software updates, patches, and performance tuning, to ensure the reliability and efficiency of cybersecurity systems.
Provide timely support and troubleshooting assistance to address issues and incidents related to SIEM, EDR, NAC, and SOAR platforms, collaborating with vendors or higher-level support as necessary.
Perform regular system audits and health checks to identify vulnerabilities, misconfigurations, or performance issues, implementing corrective actions as needed.
Provide occasional presentations of tool capabilities to leadership
Policy Development and Compliance:
Develop and enforce configuration standards, security policies, and operational procedures for cybersecurity systems, ensuring compliance with regulatory requirements and industry best practices.
Monitor compliance with security policies and regulations through audits, assessments, and reporting activities, taking corrective actions to address any deviations or gaps.
Collaborate with compliance and audit teams to streamline regulatory compliance efforts and demonstrate adherence to security standards.
Integration and Automation: Integrate cybersecurity systems with other security controls, data sources, and IT infrastructure components to create a cohesive security ecosystem.
Develop and maintain automation scripts, playbooks, and workflows within the SOAR platform to automate routine tasks, orchestrate incident response processes, and enhance operational efficiency to assist the SOC.
Explore opportunities for innovation and continuous improvement by leveraging automation, orchestration, and integration with emerging technologies and industry trends.
Training and Knowledge Sharing:
Provide training sessions and document processes to empower internal teams with the knowledge and skills required to effectively utilize cybersecurity systems.
Share expertise, best practices, and lessons learned with colleagues through formal and informal channels, fostering a culture of collaboration and knowledge sharing within the cybersecurity team.
Preferred Skills:
Prior CENTCOM/COCOM experience
Splunk Certifications
Previous Threat Hunting/SOC experience
Previous System Administration Experience
Location: On site in Tampa, FL
Security Clearance Level: TS/SCI
GDIT IS YOUR PLACE:
401K with company match
Comprehensive health and wellness packages.
Internal mobility team dedicated to helping you own your career.
Professional growth opportunities including paid education and certifications.
Cutting-edge technology you can learn from and utilize to make a real impact on the world around you.
Rest and recharge with paid vacation and holidays.
Not sure this job's the one for you? Check out our other openings at gdit.com/careers.
Do you have a friend or colleague this posting describes? Let them know about the opportunity by clicking "Share."
ARMA
CENTCOMCITS
The likely salary range for this position is $110,500 - $149,500. This is not, however, a guarantee of compensation or salary. Rather, salary will be set based on experience, geographic location and possibly contractual requirements and could fall outside of this range.
Our benefits package for all US-based employees includes a variety of medical plan options, some with Health Savings Accounts, dental plan options, a vision plan, and a 401(k) plan offering the ability to contribute both pre and post-tax dollars up to the IRS annual limits and receive a company match. To encourage work/life balance, GDIT offers employees full flex work weeks where possible and a variety of paid time off plans, including vacation, sick and personal time, holidays, paid parental, military, bereavement and jury duty leave. To ensure our employees are able to protect their income, other offerings such as short and long-term disability benefits, life, accidental death and dismemberment, personal accident, critical illness and business travel and accident insurance are provided or available. We regularly review our Total Rewards package to ensure our offerings are competitive and reflect what our employees have told us they value most.
We are GDIT. A global technology and professional services company that delivers consulting, technology and mission services to every major agency across the U.S. government, defense and intelligence community. Our 30,000 experts extract the power of technology to create immediate value and deliver solutions at the edge of innovation. We operate across 50 countries worldwide, offering leading capabilities in digital modernization, AI/ML, Cloud, Cyber and application development. Together with our clients, we strive to create a safer, smarter world by harnessing the power of deep expertise and advanced technology.
Join our Talent Community to stay up to date on our career opportunities and events at https://gdit.com/tc.
Equal Opportunity Employer / Individuals with Disabilities / Protected Veterans
