REQ#: RQ190299Public Trust: NACI (T1) Requisition Type: Regular Your Impact

Own your opportunity to manage the network that makes mission success possible. Make an impact by using your skills to deliver “One GDIT Network” for our clients.

Job Description

As a member of the Security Operations Center (SOC) team, in support of the Virginia Information Technology Agency (VITA), a Cyber Security Analyst (Tier II) will be responsible for performing investigation and escalation of security alerts triaged by Tier I analysts and others that enter the SOC from network and security systems/applications, the client, and/or from intelligence sources. The position may also require an Analyst to monitor and utilize third party toolsets in the client environment.

RESPONSIBILITIES:

Provide technical support on event network security logs and trend analysis.Detect the full spectrum of known cyberattacks (e.g., DDoS, malware, phishing, others).Uncover and pinpoint security violations of compromised systems and devicesCorrelate security events from various capabilities to identify attacks and breaches.Analyze and acts on intelligence information to secure customer networks and devicesRecognize successful and unsuccessful intrusion attempts and compromises.Triage security events utilizing relevant details and summary information.Prepare incident reports of analysis methodology and results.Observe, document and report actions taken by malicious actors in customer networks.Accurately and appropriately prioritize and escalate incidents.Examine malware analysis reports and other reporting from incidents to correlate similar events.Conduct log and system analysis for various system, and network and security devices.Document emerging threat intelligence and reported IOCs for security tool integrations.Create and update rules or signatures in security tools and applications.Escalate identified security incidents to the appropriate teams or POCs.Recommend appropriate methods of system remediation and threat mitigation, as needed.Maintain a current understanding of the best practices and strategies used in cyber security.Motivate self and co-workers to expand knowledgebase and capabilities.

REQUIRED QUALIFICATIONS:

You MUST have:

Technical Training, Certification(s) or Degree, 1+ years of experienceCyber Ark ExperienceCompTIA A+, Net+ or Sec+ certifiedQualifying Certification to meet DoD IAT Level II and CSSP Analyst (DoD 8570) requirements to be met within 6 months of starting the position: CEH, CFR, CCNA Cyber Ops, CCNA-Security, CySA+, GCIA, GCIH, GICSP, Cloud+, SCYBER, and/or PenTest+

PREFERRED QUALIFICATIONS

Even BETTER if you have:

5+ years of relevant experienceStrong analytical, organizational and project management skillsUnderstanding of networking fundamentals, the OSI model, and TCP/IP protocolsKnowledge of attack methods and techniques (DDoS, brute force, spoofing, etc.)Experience reviewing network, host and application audit logs (system, security, etc.)Relevant security certifications (Network+, CEH, CCNA, etc.)Familiarity of security standards (NIST, FISMA, Fed RAMP, DCID, CNSS and DoD 8500)Knowledge of cloud IT solutions and security considerations of cloud solution deploymentExperience with any SIEM or log aggregation system, Splunk preferred