Responsibilities for this Position

Location: USA MD Bethesda
Full Part/Time: Full time
Job Req: RQ48119
Type of Requisition: Pipeline
Clearance Level Must Currently Possess: None
Clearance Level Must Be Able to Obtain: None
Suitability: No Suitability Required
Public Trust/Other Required:
Job Family: Network Administration

Job Description:

General Dynamics Information Technology is actively looking for both Security Analysts and SOC Shift Leads with Nessus and Splunk toolset experience. These individuals will be part of a team that develops and operates security alerts within the robust National Institutes of Health (NIH) Technology Operations Center (TOC) team.

In this position, you will have the opportunity to directly impact the lives of millions of Americans by working on systems that increase access to medical research and improve health outcomes across the cancer, opioid and infectious disease spectrum. The ideal candidate will be someone who is looking for continual growth, can think strategically and perform tactically, and, most importantly, wants to make a positive difference to the people around them.

Functional Responsibility: Analysts

The information security professional will be part of a team involved in security alert analysis and maintenance of the toolsets for numerous FISMA systems for a federal health care agency. Specific responsibilities include:

* Provides basic Monitoring and Analysis support of computer security events
* Detect
* Perform initial triage
* Report computer security events, in accordance with established processes and procedures
* IDS monitoring and analysis, network traffic and log analysis, prioritization and differentiation between potential intrusion attempts, determination of false alarms, insider threat and APT detection, and malware analysis/forensics.
* Create and track investigations to resolution.
* Compose security alert notifications. Advise incident responders in the steps to take to investigate and resolve computer security incidents.

Functional Responsibility: Shift Lead

* Leading the team to ensure effective and efficient security incident management
* Working with the Program Manager, SOC Operations Manager and other shift leads to develop and implement continuous process improvement.
* Creating Post Mortem reports and identifying what was done well and what areas could be improved.
* Recommending tools, procedures and ideas to further enhance the SOC as a whole
* Provide eyes on glass monitoring using various monitoring tools such as Splunk and Nessus
* Investigate and verify alerts and reported issues
* Escalate issues to the Tier 2 security team when necessary

Education

Bachelor's Degree in Computer Science or a related technical discipline, or the equivalent combination of education, professional training or work experience

Qualifications

* We have multiple levels open, including Shift Leads with leadership experience, analysts with experience in the 5-10 year range, and more senior analysts in the 10-15 year range bringing a background in information security/data security administration.
* Must be able to obtain and maintain a Public Trust Clearance.
* Experience with Splunk and/or SIEM technologies.

Scheduled Weekly Hours: 40
Travel Required: Less than 10%
Telecommuting Options: Telecommuting Not Allowed
Work Location: USA MD Bethesda
Additional Work Locations:

We are GDIT. The people supporting some of the most complex government, defense, and intelligence projects across the country. We deliver. Bringing the expertise needed to understand and advance critical missions. We transform. Shifting the ways clients invest in, integrate, and innovate technology solutions. We ensure today is safe and tomorrow is smarter. We are there. On the ground, beside our clients, in the lab, and everywhere in between. Offering the technology transformations, strategy, and mission services needed to get the job done.

GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.

Associated topics: cybersecurity, forensic, identity, identity access management, information assurance, information technology security, malicious, security, security analyst, vulnerability