Bossier City, Louisiana, USA
7 hours ago
Cybersecurity Analyst Principal
REQ#: RQ208647
Public Trust: BI Full 6C (T4)
Requisition Type: Regular

Your Impact

Own your opportunity to manage the network that makes mission success possible. Make an impact by using your skills to deliver “One GDIT Network” for our clients.

Job Description

Advance your career while impacting our national security in cyber as a Cybersecurity Analyst Principal at GDIT. Here, technologists have many paths to grow a meaningful career supporting cyber missions and operations across the federal government.

MEANINGFUL WORK AND PERSONAL IMPACT
As a Cybersecurity Analyst Principal, the work you’ll do at GDIT will be impactful to the mission of the US Department of Education's Portfolio of Integrated Value-Oriented Technologies (PIVOT). You will play a crucial role via the following responsibilities:

● Oversee the daily operations of the SOC and plan shift activities
● Work closely with the Incident Management Team
● Must be willing to lead the major incident management process and support Agency leadership during the activation of major/escalated incidents
● Develop, author, and deliver process improvements for the SOC in order to maintain operational readiness for incident response
● Monitor and report on call volumes, alarm responses, and incident reports to ensure appropriate levels of service are met
● Partner with IT leadership and teams to support operational issues and prepare for potential incidents
● Support annual updates of the incident response concept of operations document
● Support annual incident response tabletop exercises
● Lead, mentor, and coach SOC I and SOC II staff members
● Work as part of a 24x7x365 team delivering real-time proactive monitoring and maintenance of supported security tools and associated rules and signatures
● Carry out triage on security events; coordinate incidents with the Incident Management Team, IT operations, network engineering, and application teams; and support the Incident Management process
● Identify and respond to incidents, to prevent or limit damage to assets, and report incidents
● Detect and analyze incidents, and coordinate activities with other stakeholders for containing, eradicating, and recovering from incidents
● Develop advanced analytics and countermeasures to protect critical assets
● IDS monitoring and analysis, network traffic and log analysis, prioritization and differentiation between potential intrusion attempts, determination of false alarms, insider threat and APT detection, and malware analysis/forensics
● Support the production and maintenance of standard operational processes, procedures, and playbooks for use by all shift personnel
● Provide enterprise-wide management of security incidents across the managed network space, to detect, respond to, and report all computer-related incidents, including daily monitoring of information systems, vulnerability remediation, intrusion detection, log reviews, and malware tracking
● Assess, identify, and remediate the individuals and/or systems affected
● Coordinate all information security incidents in compliance with timeline specifics
● Coordinate the development of reports from the SIEM, NIDS, and HIDS
● Remain up to date with current attack methods and characteristics in order to identify threats and advise on prevention, mitigation, and remediation
● Perform other tasks consistent with the goals and objectives of the department/contract
● Perform other duties as assigned by the Senior Program Executive
● Fully document assigned tickets to show all work performed in order to pass SLRs
● Manage the team to fully document assigned tickets to show all work performed in order to pass SLRs

WHAT YOU’LL NEED TO SUCCEED
Bring your cyber expertise and drive for innovation to GDIT. The Cybersecurity Analyst Principal must have:

● Education: Technical Training, Certification(s) or Degree

● Experience: 5+ years of related experience

● Required Skills:

  ● Experience composing threat reports and other management-level communications
  ● Leadership experience of teams of 5 or more
  ● Vulnerability Management – Nessus Vulnerability Scanning
  ● Configuration Management – STIG/SCAP compliance baselines for Windows, Mac, Linux
  ● Splunk SIEM / Log Aggregation experience
  ● Cloud Security – Familiarity with FedRAMP for IaaS, PaaS, SaaS
  ● Experienced Incident Response Team (IR/IRT) troubleshooting, root cause analysis, and remediation verification
  ● Knowledge of Identity Management, ICAM/IDAM and authorization, least privilege, reducing unauthorized elevated access
  ● Firewall understanding, including basic networking, subnetting, IDS, NAT, ACLs
  ● Penetration Test Response and Remediation
  ● DevSecOps – software development lifecycle security – scanning across the lifecycle and baking in application security for developers and containers
  ● Microsoft Defender for Endpoint experience

● Preferred Skills:

  ● ServiceNow ticketing and reporting experience
  ● Linux, Windows, and Active Directory experience
  ● Experience with Tenable and Palo Alto network security solutions
  ● Cloud and mobile device experience
  ● ForeScout CounterAct, DLP solutions and Cylance AV
  ● CISSP certification

● Security Clearance Level: Must be able to obtain a position of Public Trust with the US Department of Education

● US Citizenship Required

● Location: Hybrid at GDIT's Integrated Technology Center in Bossier City, LA

GDIT IS YOUR PLACE
At GDIT, the mission is our purpose, and our people are at the center of everything we do.

● Growth: AI-powered career tool that identifies career steps and learning opportunities
● Support: An internal mobility team focused on helping you achieve your career goals
● Rewards: Comprehensive benefits and wellness packages, 401K with company match, and competitive pay and paid time off
● Flexibility: Full-flex work week to own your priorities at work and at home
● Community: Award-winning culture of innovation and a military-friendly workplace

OWN YOUR OPPORTUNITY
Explore a career in cyber at GDIT and you’ll find endless opportunities to grow alongside colleagues who share your focus on defending and protecting what matters.
