Own your opportunity to serve as a critical component of our nation’s safety and security. Make an impact by using your expertise to protect our country from threats.
Job DescriptionOwn your career as a Cyber Incident Detector at GDIT. Here, you’ll have the opportunity to build strong lines of cyber defense using cutting-edge technologies. Your work in cyber security at GDIT will have an impact on securing our clients’ missions and ensuring we anticipate the threats of tomorrow.
At GDIT, people are our differentiator. As a Cyber Incident Detector you will help ensure today is safe and tomorrow is smarter.
HOW A CYBER INCIDENT DETECTOR WILL MAKE AN IMPACT
Perform forensic analysis of digital information and gathers and handles evidence. Identify network computer intrusion evidence and perpetrators, and coordinates with other government agencies to record and report incidents.
You must be passionate about technology, and able to learn the ropes of new security solutions rapidly.
Take the lead in day-to-day monitoring for unusual activities, implement defensive protocols, and report incidents.
Forensic analysis of digital information, Open-Source Intel (OSINT) review/monitoring, available tools both customer provided and open source, and pivoting/researching on previously reported Indicators of Compromise (IOCs).
Participate in collaborative sessions with other CNDSPs and Intelligence Community (IC) agencies on malicious intrusions, attacks or suspicious activities, as well as share emerging Cyber Threat Intel data.
Assist in the development of IOCs for active defensive countermeasures and passive detection signatures.
Day, Swing, or Mid Shift position available. Willing to work a weekend or holiday shift supporting your assigned shift.
WHAT YOU’LL NEED TO SUCCEED:
Bachelor's Degree and 8+ years of relevant experience, equivalent combinations of education, certifications, and experience will be considered.
DoD Approved Baseline 8570/8140 IAT Level II (Sec+, CySA+, CND, or CCNA-Security) certification required prior to start date.
DoD Approved Baseline 8570/8140 CSSP Analyst (CEH, CySA, or CFR) certification required prior to start date.
GIAC Continuous Monitoring (GMON) or equivalent (other GIAC certs, CSA, ECIH, any cert under CSSP Analyst) certification required within first 120 days of employment
Splunk Core User certification required within first 120 days of employment
Security Clearance Level: TS/SCI clearance and ability to obtain and maintain a Polygraph
REQUIRED SKILLS AND ABILITIES:
Must have common knowledge of standard network infrastructure.
Other items that would be good to know include: domain masquerading, certificates, and file hashing.
Familiar with monitoring emerging threats through Tools, Techniques, and Procedures (TTPs) and how they relate to the MITRE ATT&CK Framework
Good written communications skills are necessary to properly document and report the identification and sharing of newly identified IOCs.
Meticulous eye for detail and an ability to multitask in a fast-paced environment.
Maintain knowledge of current cybercrime tactics.
Day, Swing, or Mid Shift position available: Willing to work a weekend or holiday shift supporting your assigned shift.
Location: On Customer Site
Colorado Springs, CO
GDIT IS YOUR PLACE:
401K with company match
Comprehensive health and wellness packages
Internal mobility team dedicated to helping you own your career
Professional growth opportunities including paid education and certifications
Cutting-edge technology you can learn from