Req ID: RQ208521
Type of Requisition: Regular
Clearance Level Must Be Able to Obtain: None
Public Trust/Other Required: None
Job Family: Cyber and IT Risk Management
Skills:
Computer Security Incident Response,Cybersecurity,Cyber Threat Hunting
Experience:
0 + years of related experience
Job Description:
Advance your career while impacting our national security in cyber as a Cyber Threat Analyst Associate at GDIT. Here, technologists have many paths to grow a meaningful career supporting cyber missions and operations across the federal government.
The Cyber Threat Analyst Associate is directly responsible for the first level monitoring, triage, and communication of security events received into the SOC. Analysts will use SIEM technology to triage alerts as the enter the SOC from network and security systems/applications, the client, and/or from intelligence sources. Furthermore, the Analyst may be required to both monitor and utilize third party toolsets in the client environment to assist with the identification of security threats.
As a member of the cloud services team, the Cyber Threat Analyst Associate will perform Level 1 triage and escalation to support SOC operations including:
Provides technical support on post event network security logs and trend analysis to uncover security and compliance violations
Detects the full spectrum of known cyberattacks (e.g., DDoS, malware, phishing, others)
Pinpoints location of compromised systems and devices, and conducts cyber incident and event monitoring identifying anomalous and malicious activity
Correlates events from the various components in the IT security infrastructure and identifies attacks and breaches
Associates and correlates IP address related events with specific systems or devices in the IT infrastructure
Identifies and analyzes intelligence information about threats to customer's information processing systems
Recognize potential, successful, and unsuccessful intrusion attempts and compromises thorough triage of events utilizing relevant event detail and summary information.
Ensure the integrity and protection of networks, systems, and applications through monitoring of security devices. React to customers escalations.
Observes and documents actions taken by malicious actors in customer networks and contribute to content creation
Experience working within a wide range of environments to include Linux, UNIX, Windows in addition to a strong understanding of networking, the OSI model, and TCP/IP protocols
Maintain an understanding of the current vulnerabilities, response, and mitigation strategies used in cyber security operations
Education: Technical Training, Certification, or Degree
Experience: 0+ years related experience
Highly preferred Skills:
Knowledge of information security event monitoring and detection and NID monitoring and incident response; Cyber-attack stages (e.g., reconnaissance, scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks); Attack methods and techniques (DDoS, brute force, spoofing, etc.)
Knowledge of IPS/IDS , experience managing cases with enterprise SIEM systems (e.g. Sumologic, Splunk) and other network security tools
Strong research background desirable. Knowledge of laws, regulations, policies , and ethics as they relate to cybersecurity and privacy
Familiarity with Federal and DoD security standards such as NIST, DCID, CNSS and DoD 8500
Cloud computing and working knowledge of Windows and Linux OS to include experience working in the command line interface
IDS/IPS, penetration and vulnerability testing, DLP, anti-virus and anti-malware, TCP/IP , computer networking , routing and switching
Computer networking fundamentals, network traffic analysis methods and ability to review and analyze network packet captures
Understanding of implementation of ITIL practices and ISO 2700 family of standards
Location: Hybrid to the ITC in Bossier City, LA
Preferred Qualifications:
Previous experience on a Computer Incident Response Team (CIRT), Computer Emergency Response Team (CERT), Computer Security Incident Response Center (CSIRC) or a Security Operations Center (SOC) a big plus but not a requirement
Preferred Certifications:
Certification in one or more industry-related certifications including (not limited to):
CompTIA Security + / Network + / etc.
GSEC (GIAC Security Essentials Certification)
CPTE - Certified Penetration Testing Engineer
CEH - Certified Ethical Hacker
GCIH - (GIAC Certified Incident Handler)
ECIH - (EC-Council Certified Incident Handler)
ECSA (EC-Council Security Analyst)
GDIT IS YOUR PLACE:
Growth: AI-powered career tool that identifies career steps and learning opportunities
Support: An internal mobility team focused on helping you achieve your career goals
Rewards: Comprehensive benefits and wellness packages, 401K with company match, and competitive pay and paid time off
Community: Award-winning culture of innovation and a military-friendly workplace
The likely salary range for this position is $71,445 - $96,661. This is not, however, a guarantee of compensation or salary. Rather, salary will be set based on experience, geographic location and possibly contractual requirements and could fall outside of this range.
Our benefits package for all US-based employees includes a variety of medical plan options, some with Health Savings Accounts, dental plan options, a vision plan, and a 401(k) plan offering the ability to contribute both pre and post-tax dollars up to the IRS annual limits and receive a company match. To encourage work/life balance, GDIT offers employees full flex work weeks where possible and a variety of paid time off plans, including vacation, sick and personal time, holidays, paid parental, military, bereavement and jury duty leave. To ensure our employees are able to protect their income, other offerings such as short and long-term disability benefits, life, accidental death and dismemberment, personal accident, critical illness and business travel and accident insurance are provided or available. We regularly review our Total Rewards package to ensure our offerings are competitive and reflect what our employees have told us they value most.
We are GDIT. A global technology and professional services company that delivers consulting, technology and mission services to every major agency across the U.S. government, defense and intelligence community. Our 30,000 experts extract the power of technology to create immediate value and deliver solutions at the edge of innovation. We operate across 50 countries worldwide, offering leading capabilities in digital modernization, AI/ML, Cloud, Cyber and application development. Together with our clients, we strive to create a safer, smarter world by harnessing the power of deep expertise and advanced technology.
Join our Talent Community to stay up to date on our career opportunities and events at https://gdit.com/tc.
Equal Opportunity Employer / Individuals with Disabilities / Protected Veterans
