We are GDIT, the people supporting and securing some of the most complex government, defense, and intelligence projects across the country. We are seeking an Information Security Analyst to be part of a fast-paced, highly skilled team that provides analysis of real-time event data to detect, analyze and respond to security incidents.
Responsibilities: The individual will need to be able to document and communicate effectively with customers and internal teams, assist in the investigation of events and follow-up with corrective actions and reporting.
The individual should have an investigative mindset that allows them to think outside the box as to why events are occurring and provide a rapid, but accurate, response to emerging threats and trends.
The candidate needs to be motivated to learn about new exploits/vulnerabilities and communicate the new threats to peers and leadership.
They will also need to:
· Perform real-time analysis of events and execute notifications and escalations within 60 minutes of event occurrence
· Perform analysis and incident handling 24x7x365 (includes holidays).
· Perform true and necessary documentation of incident handling and analysis, leaving nothing to interpretation.
Essential duties:
· Review and respond to real-time technical information security events and manage incidents
· Document trends and events into database for tracking.
· Be excited about security and interested in communicating, documenting and speaking about security events and incidents.
EDUCATION AND EXPERIENCE: BA/BS or equivalent, 8 years of experience
· Confident and effective communication skills regarding security concerns, issues and events
· Technical proficiency across a broad range of network, command-line scripting, computing, storage, and encryption methodologies.
· In-depth understanding of the IP protocol stack, experience troubleshooting, and good experience reading network packet captures
· Understanding of and applied experience with *NIX and Microsoft operating system platforms
· Experience and ability to conduct detailed network forensic analysis of multiple devices and operating systems.
· Experience in programming using shell scripts, PERL, Ruby, or Python along with the ability to understand, modify, and compile some source code for intrusion testing and developing defensive measures.
· Experience analyzing events from Intrusion Detection Systems (Snort, Sourcefire, Cisco, etc.), Firewall logs (ASA, Checkpoint, iptables, etc.), and System Logs (Event Logs, Security, syslog, etc.).
· Conduct internal and external incident response functions, coordinating such with outside agencies to provide detailed reports on results of findings and analysis.
· Strong oratory and electronic communications ability to crisply and effectively communicate with customers.
· Desire and ability to maintain focus while analyzing complex events and logs
Desired skills:
· Historical experience with daily monitoring of vendor and other security alerts (CERT, SANS, BugTraq)
· Experience writing Intrusion Detection Signatures and other Network Intrusion Detection Systems.
· Experience and knowledge of modern encryption methods and implementation with web and internet-based security systems
· Ability to train and present security events and incidents to all levels within the organization.
· Experience dealing with network abuse issues.
· Basic navigation and querying in SPLUNK
· Utilize creative methods to monitor, identify and mine trends and incidents within extremely large datasets through statistical and/or automated fashions
· Support an environment for learning and sharing with other analysts and security professionals within the organization on the trends of attack
· Writing white papers or building presentations that can be published/presented internally or to external entities.