General Dynamics Information Technology (GDIT), a leading provider of systems engineering, integration, IT service operations and support solutions, is seeking talented professionals to deliver valuable services and solutions to our customers.
GDIT has a great team consisting of experienced and knowledgeable managers who lead and support the career development objectives of our employees. Our employees consider the company to be a solid partner in their career, with an abundance of opportunities for advancement.
We are seeking a Senior Network Security Analyst with focus on Incident Response and IT Security Operation technologies to support our Justice Programs team in Washington, DC. In this position, you will support the Department of Justice (DOJ) Justice Security Operations Center (JSOC).
The IT Security Operation Analyst may perform any or all of the following:
- Provides support for complex computer network exploitation and defense techniques to include deterring, identifying and investigating computer and network intrusions.
- Provides incident response and remediation support; performing comprehensive computer surveillance/monitoring; identifying vulnerabilities; developing secure network designs and protection strategies, and audits of information security infrastructure.
- Provides technical support for continuous monitoring, computer exploitation and reconnaissance; target mapping and profiling; and network decoy and deception operations in support of computer intrusion defense operations.
- Provides technical support for forensics services to include evidence seizure, computer forensic analysis and data recovery, in support of computer crime investigation.
- Researches and maintains proficiency in open and closed source computer exploitation tools, attack techniques, procedures and trends.
- Performs research into emerging threat sources and develops threat profiles.
- Provides technical support for a comprehensive risk management program identifying mission critical processes and systems; current and projected threats; and system vulnerabilities.
- Bachelor’s Degree
- A Master’s Degree may be substituted for 4 years of general work experience
- Experience and education equivalents: CEH, eCPPT, OSCP, GCFW, GCIH, other relevant IT security certifications, or advanced vendor certifications such as Splunk Certified Architect or SourceFire Certified Administrator equate to 2 years of general experience each.
- Security+, Network+, GSEC, or other relevant IT security product certifications such as Tenable Certified Nessus Auditor, ArcSight Certified Systems Analyst, or SnortCP equate to 1 year of general experience each.
- High school diploma with 8 years of experience in Functional Responsibility area may be substituted for a Bachelor’s Degree, 12 years for a Master’s Degree.
- CISSP, CISM, or ISO 27001 certifications equate to 3 years of experience in Functional Responsibility.
Six (6) years of general work experience and three (3) years of relevant experience in functional responsibility.
For more than 50 years, General Dynamics Information Technology has served as a trusted provider of information technology, systems engineering, training and professional services to customers across federal, state, and local governments, and in the commercial sector. Over 40,000 GDIT professionals deliver enterprise solutions, manage mission-critical IT programs and provide mission support services worldwide. GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.
Analytic Staff Personnel will have a working knowledge of the following:
- Packet Analysis
- SIEM Operation
- Understanding of how exploits work and appear within network traffic
- Intrusion Detection Technology
- Understanding of root kits, exploits, and other types of malware
- Awareness and understanding of popular attack tools (e.g., Zeus, Blackhole, Slowloris, LOIC, Cryptolocker, Pony Loader, etc.)
- Ability to communicate effectively the actual status of an incident, attack, or other cyber issue.
- Awareness of tradecraft used by Nation State APT actors
- Capability to support the following systems:
  - ArcSight SIEM
  - Novetta Cyber Analytics
  - FireEye MPS Suite
  - Snort IDS
  - Bro IDS
  - Fidelis XPS
  - CloudShield Trusted Cyber Solution Orchestrator
  - Microsoft Advanced Threat Analytics
  - Counterattack Active Defense