Computer Network Support - Military veterans preferred

2019-01-09
General Dynamics Information Technology (www.gdit.com)
Other

Full-time employee


Washington
District of Columbia
United States

GDIT is seeking two (2) on-site Computer Network Support Representatives in support of the Information Security (INFOSEC) Office, a 24x7 organization that is charged with ensuring the security of the U.S. House of Representatives' (“House”) computer network. An integral part of the security program is the ongoing maintenance of systems and analysis of network indicators that assure the security and integrity of the House network. This request reflects a need to focus on systems managed by contractors and external service providers to ensure they continuously meet House security standards.

The Computer Network Support duties include, but are not limited to:

  • Analyze raw data sources to extract, institutionalize, and document actionable events
  • Document the flow of data and identify multiple distinct data sources where suspicious behavior can be identified – must also be able to identify supplemental sources where similar data may be found
  • Investigate and identify the root cause behind security incidents – to include all stages of the cyber kill chain as appropriate
  • Communicate and collaborate with colleagues to investigate incidents
  • Investigate incidents both from a network and host/application level
  • Investigate an incident, develop/communicate a timeline, and identify multiple scenarios based on the investigation
  • Monitor, track and communicate reported events for numerous different security platforms, operating systems, databases, and management systems
  • Perform regular continuous monitoring of events across platforms, operating systems, databases, and management systems
  • Improve and implement indicators and protections across platforms, operating systems, databases, and management systems
  • Generate reports on a scheduled basis to document findings and remediation efforts, to include recommendations to the system owners
  • Design and implement dashboards and reports; create rapid prototypes
  • Work with the system owners to remediate security issues derived through external and internal assessments
  • Develop processes to proactively address security risks and develop reporting dashboards in House security systems to continuously track progress
  • Work in an Integrated Operations Center with other business units to assist in incidents on behalf of CyberSecurity
  • Produce reports detailing event results and remediation efforts
  • Maintain a list of tracked protective measures for applicable systems – both active and removed
  • Provide remediation recommendations for systems not controlled by INFOSEC
  • Document Standard Operating Procedures when performing required duties
  • Other documentation as needed or requested
  • Other duties as assigned

Qualifications:

  • Demonstrated program level experience supporting network defense and strategies
  • Understanding of TCP/IP concepts, network fundamentals, network security, and NetFlow, and knowledge of tools such as Wireshark and Snort IDS
  • Knowledge of Bro and Security Onion
  • 2-3 years using Splunk to conduct network forensic analysis and network security monitoring
  • Knowledge of FireEye’s product suite such as EMP and HX
  • A solid understanding of the current threats and tactics being used to attack systems, such as ransomware and phishing analysis
  • Ability to develop, document, and maintain use cases through Splunk or other SIEM technologies
  • Working knowledge of the Windows Operating System with the ability to identify common and unexpected processes, network events, etc.
  • Ability to generate a record of an investigation within an incident ticketing/tracking system
  • Ability to safely handle a potentially malicious file and perform basic analysis
  • Proficiency in writing Regular Expressions to extract data in Splunk via search-time and index-time extraction
  • Ability to work in a high-pressure environment with changing priorities
  • Experience supporting the full lifecycle of indicators of compromise and signature process, to include development of security documentation
  • Ability to communicate effectively, both orally and in writing, with information technology professionals, and technical and non-technical users
  • Certified Information Systems Security Professional (CISSP) and/or Cisco Certified Network Administrator (CCNA) and/or Checkpoint Certified Security Administrator (CCSA) and/or Checkpoint Certified Security Expert (CCSE) certification(s) is a plus
  • U.S. Citizen
  • Required: Ability to pass a detailed criminal background check

For more than 50 years, General Dynamics Information Technology has served as a trusted provider of information technology, systems engineering, training and professional services to customers across federal, state, and local governments, and in the commercial sector. Over 40,000 GDIT professionals deliver enterprise solutions, manage mission-critical IT programs and provide mission support services worldwide. GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.

 

Education:

  • Bachelor’s degree in related field (i.e., Computer Science, Information Systems Management) and minimum of five (5) years of relevant IT security related work experience
  • In lieu of a Bachelor’s degree, proposed staff should have at least eight (8) years of IT security experience