Cyber Security Incident Response Analyst - Military veterans preferred

2018-10-19
General Dynamics Information Technology (www.gdit.com)
Other


Full-time employee


Seaside
California
United States

GDIT is seeking a highly qualified Cyber Security Incident Response Analyst who will support the Defense Human Resources Activity (DHRA) and Defense Manpower Data Center (DMDC) Cybersecurity Strategy, Operations and Programs. Our client, DHRA and DMDC, supports major programs and initiatives within the Department of Defense (DoD) and maintains the largest archive of personnel, manpower, training, security and financial data within the DoD. AIT provides both DHRA and DMDC with Cybersecurity Support Services and solutions that span the entire spectrum of existing and future technical environments, hardware and software systems, and applications lifecycle in support of both its Unclassified Non-secure Internet Protocol Router Network (NIPRNET) and Classified Secure Internet Protocol Router Network (SIPRNET) environments.

 

Responsibilities:

  • Conduct highly technical examinations, analysis and reporting of computer based evidence related to security incidents (intrusion artifacts/IOCs) or investigations.
  • Effective and secure handling of digital evidence and matter confidentiality.
  • Perform incident triage and handling by determining scope, urgency and potential impact, then identifying the specific vulnerability and recommending actions for expeditious remediation.
  • Ability to analyze data, such as logs or packet captures, from various sources within the enterprise and draw conclusions regarding past and future security incidents.
  • Document incidents from initial detection through final resolution.
  • Coordinate with and act as subject matter expert to resolve incidents by working with other information security specialists to correlate threat assessment data.
  • Maintain and expand related information security metrics.

Skills:

  • Knowledge of incident response processes (detection, triage, incident analysis, remediation and reporting).
  • High level of ethical hacker knowledge and understanding of malware/ransomware.
  • Strong knowledge of network protocols, Windows/Linux OS, IOCs and BIOCs.
  • Understanding of network and system intrusion and detection methods; examples of related technologies include Splunk, Next Generation Endpoint Protection Platforms (EPP), Security Information and Event Management (SIEM), and Endpoint Detection and Response (EDR).
  • Expert knowledge and experience of Microsoft Windows Desktop Operating Systems.
  • Expert knowledge in VMware, KVM and other virtualization technologies.
  • Ability to operate Linux workstations and servers.
  • Ability to build, maintain, and operate a sandbox lab environment.
  • Proven experience with the most commonly used forensic toolkits such as FTK, SIFT, and Sleuth Kit through the Acquisition, Analysis, and Reporting stages.
  • Proven training and experience in EnCase equipment and usage of Write Block Applications.
  • Comfortable analyzing malicious artifacts, such as potentially malicious websites, emails and malware, in a safe manner.
  • Excellent written and verbal communication skills with the ability to express thoughts clearly and accurately, know how to listen, and contribute in a client-facing environment.
  • Strong attention to detail and organizational skills.
  • High level of competence with Microsoft Excel for manipulating, sorting, combining, and creating pivot tables.
  • Ability to multitask and work independently with minimal direction and maximum accountability.

Qualifications:

5-8 years of directly related experience in network administration and support.

 

Certification Requirement: 8570 IAT III (CASP/CISSP)

 

 

As a trusted systems integrator for more than 50 years, General Dynamics Information Technology provides information technology (IT), systems engineering, professional services and simulation and training to customers in the defense, federal civilian government, health, homeland security, intelligence, state and local government and commercial sectors. With approximately 32,000 professionals worldwide, the company delivers IT enterprise solutions, manages large-scale, mission-critical IT programs and provides mission support services.

GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.

Education:

Bachelor's Degree in Computer Science or a related technical discipline, or the equivalent combination of education, technical certifications or training, or work experience.