Req ID: RQ205519
Type of Requisition: Regular
Clearance Level Must Be Able to Obtain: None
Public Trust/Other Required: MBI (T2)
Job Family: Intelligence
Skills:
Cyber Threat Intelligence,Incident Response,Threat Management
Experience:
3 + years of related experience
Job Description:
Seize your opportunity to make a personal impact as a Threat Management Specialist (Tier 3) Aerial supporting the United States Postal Service. GDIT is your place to make meaningful contributions to challenging projects and grow a rewarding career.
At GDIT, people are our differentiators. As a Threat Management Specialist (Tier 3) Aerial , you will help ensure today is safe and tomorrow is smarter. Our work depends on a Threat Management Specialist (Tier 3) Aerial joining our team to analyze design, develop, implement, and support code for our government customer, the United States Postal Service.
How a Threat Management Specialist (Tier 3) Aerial Will make an impact
In this role, a typical day will include:
Recognizing potential, successful, and unsuccessful intrusion attempts and compromises, and perform careful analysis of relevant event details and summary information
Identification of security problems which may require mitigating controls
Identification of the adversary activity and movement within USPS environment
Analyze network traffic to identify command and control (C2) communications
Analyze attachments and URLs for malicious code
Recommend detection and containment mechanisms for exploit and or intrusion related attempts
Work with law enforcement if needed for handoff of investigations
Manage email security using ProofPoint, monitor for threats, and promptly respond to alerts/issues
Possesses ability to conduct packet analysis and recommend custom monitoring policies and signatures within network detection tools
Reviewing and responding to security alerts and incidents across multiple platforms including Microsoft Defender for Cloud Apps, Defender for Endpoint, Defender XDR, Defender for Office 365, Azure Entra ID, and Google Cloud Security Command Center (SCC)
Perform log analysis, generate Indicators of Compromise (IOCs) and develop specialized searches to investigate security incidents diligently through Splunk Cloud and ES and Sentinel 1
Use Sentinel 1 Deep Visibility to respond to alerts and conduct thorough security assessments
Utilize AI/ML-based tools and techniques to detect anomalies, automate incident triage, and improve threat intelligence.
Identify and support automation use cases, including the use of AI/ML to enhance SOC capabilities.
Collaborate across Operations to provide SOC enhancement capabilities through the use of automation and AI.
WHAT YOU'LL NEED TO SUCCEED:
Education :
Bachelor's or Master's degree in Computer Science, Information Systems, Cybersecurity or other related fields. Or equivalent work experience.
NOTE: If resources do not have a relevant college degree, an additional 4 years of relevant work experience is required.
Required Experience :
3+ years' experience in IT Operations
3+ years' experience in Incident Response Operations, malware analysis
Ability to assess security incidents promptly and effectively and communicate a course of action to respond to the security incident while mitigating risk and limiting impact
Strong working knowledge of:
Platform Security Basics
Threat Lifecycle Management
Incident and Crisis Management
Static binary analysis techniques
Live malware analysis techniques
Disassembly and reverse engineering
Preference for hands-on experience with Artificial Intelligence (AI) and Machine Learning (ML) techniques to enhance cybersecurity operations
Preference for experience working with SentinelOne, ServiceNow Incident Response (SIR), Splunk ES and SOAR, AWS, Azure, Okta, O365, Sourcefire, Proofpoint,
Advance knowledge of APT detection and mitigation
Advanced knowledge of networking technologies and protocols, including Ethernet, TCP and IP routing, security architecture, and mobile technology
Experience investigating targeted intrusions through complex network segments
Familiar with DMAR, DKIM, SPF concepts
Familiar with Azure/O365/Google Cloud integration
Strong understanding of IDS/IPS signatures, content creation and signature characteristics including both signature and anomaly-based analysis and detection
Security Clearance Level :
Ability to obtain and maintain a Public Trust clearance and successfully pass a thorough Government background screening process requiring the completion of detailed forms and fingerprinting
This position has a U.S. residency requirement. The USPS security clearance process requires the selected candidate to have resided in the U.S. (including U.S. Territories) for the last five years as follows: U.S. Citizens cannot have left the U.S. (including U.S. Territories) for longer than 6 months consecutively in the last 3 years (unless they meet certain exceptions). Non-U.S. Citizens cannot have left the U.S. (including U.S. Territories) for longer than 90 days consecutively in the last 3 years.
Location :
Morrisville, NC
Falls Church, VA
Eagan, MN
Remote considered
Hours
M-F 7:00am to 4:00pm
GDIT IS YOUR PLACE:
401K with company match
Comprehensive health and wellness packages
Internal mobility team dedicated to helping you own your career.
Professional growth opportunities including paid education and certifications.
Cutting-edge technology you can learn from
Rest and recharge with paid vacation and holidays
ThreatManagement #zxc726
The likely salary range for this position is $43,888 - $0. This is not, however, a guarantee of compensation or salary. Rather, salary will be set based on experience, geographic location and possibly contractual requirements and could fall outside of this range.
Our benefits package for all US-based employees includes a variety of medical plan options, some with Health Savings Accounts, dental plan options, a vision plan, and a 401(k) plan offering the ability to contribute both pre and post-tax dollars up to the IRS annual limits and receive a company match. To encourage work/life balance, GDIT offers employees full flex work weeks where possible and a variety of paid time off plans, including vacation, sick and personal time, holidays, paid parental, military, bereavement and jury duty leave. To ensure our employees are able to protect their income, other offerings such as short and long-term disability benefits, life, accidental death and dismemberment, personal accident, critical illness and business travel and accident insurance are provided or available. We regularly review our Total Rewards package to ensure our offerings are competitive and reflect what our employees have told us they value most.
We are GDIT. A global technology and professional services company that delivers consulting, technology and mission services to every major agency across the U.S. government, defense and intelligence community. Our 30,000 experts extract the power of technology to create immediate value and deliver solutions at the edge of innovation. We operate across 50 countries worldwide, offering leading capabilities in digital modernization, AI/ML, Cloud, Cyber and application development. Together with our clients, we strive to create a safer, smarter world by harnessing the power of deep expertise and advanced technology.
Join our Talent Community to stay up to date on our career opportunities and events at https://gdit.com/tc.
Equal Opportunity Employer / Individuals with Disabilities / Protected Veterans
