Cyber Security Analyst Tier III

GD Information Technology
Bossier City, TX
4d, Onsite

About The Position

As a member of the Security Operations Center (SOC) team, in support of the Virginia Information Technology Agency (VITA), a Cyber Security Analyst (Tier III) will be responsible for investigating and escalating security alerts triaged by Tier I and Tier II analysts, as well as others that enter the SOC from network and security systems/applications, the client, and/or intelligence sources. The position may also require an Analyst to monitor and utilize third-party toolsets in the client environment.

Requirements

  • Technical Training, Certification(s) or Degree
  • 8 or more years of related experience
  • Demonstrated CyberArk experience
  • Demonstrated Splunk experience
  • An ability to obtain certification to meet DoD IAT Level III and CSSP Analyst (DoD 8570) requirements within 6 months of starting the position: CEH, CFR, CCNA Cyber Ops, CCNA-Security, CySA+, GCIA, GCIH, GICSP, Cloud+, SCYBER, and/or PenTest+
  • Ability to obtain and maintain a public trust
  • Louisiana Residency, living within a reasonable commutable distance (approximately 60 miles or less) of the Bossier City facility

Nice To Haves

  • 10 or more years of relevant experience
  • Strong analytical, organizational and project management skills
  • Ability to create and manage vulnerability management dashboards in Splunk
  • Understanding of networking fundamentals, the OSI model, and TCP/IP protocols
  • Knowledge of attack methods and techniques (DDoS, brute force, spoofing, etc.)
  • Experience reviewing network, host and application audit logs (system, security, etc.)
  • Relevant security certifications (Network+, CEH, CCNA, etc.)
  • Familiarity with security standards (NIST, FISMA, FedRAMP, DCID, CNSS and DoD 8500)
  • Knowledge of cloud IT solutions and security considerations of cloud solution deployment
  • Experience with any SIEM or log aggregation system, Splunk preferred

Responsibilities

  • Provide expertise with Indicators of Compromise (IOCs), Tactics, Techniques, and Procedures (TTPs), Threat Hunting/Intelligence, customer-facing escalations, and containment/remediation activities.
  • Provide technical support on event network security logs and trend analysis.
  • Detect the full spectrum of known cyberattacks (e.g., DDoS, malware, phishing, others).
  • Uncover and pinpoint security violations of compromised systems and devices.
  • Correlate security events from various capabilities to identify attacks and breaches.
  • Analyze and act on intelligence information to secure customer networks and devices.
  • Recognize successful and unsuccessful intrusion attempts and compromises.
  • Triage security events utilizing relevant details and summary information.
  • Prepare incident reports of analysis methodology and results.
  • Observe, document and report actions taken by malicious actors in customer networks.
  • Accurately and appropriately prioritize and escalate incidents.
  • Examine malware analysis reports and other reporting from incidents to correlate similar events.
  • Conduct log and system analysis for various system, network, and security devices.
  • Document emerging threat intelligence and reported IOCs for security tool integrations.
  • Create and update rules or signatures in security tools and applications.
  • Escalate identified security incidents to the appropriate teams or POCs.
  • Recommend appropriate methods of system remediation and threat mitigation, as needed.
  • Maintain a current understanding of the best practices and strategies used in cyber security.
  • Motivate self and co-workers to expand knowledgebase and capabilities.
  • Develop lessons learned documentation, reporting, and playbooks/SOPs for response within the environment.
  • Provide content engineering expertise to include analyzing, designing, developing and delivering solutions to stop adversaries.

Benefits

  • Our benefits package for all US-based employees includes a variety of medical plan options, some with Health Savings Accounts, dental plan options, a vision plan, and a 401(k) plan offering the ability to contribute both pre- and post-tax dollars up to the IRS annual limits and receive a company match.
  • To encourage work/life balance, GDIT offers employees full flex work weeks where possible and a variety of paid time off plans, including vacation, sick and personal time, holidays, paid parental, military, bereavement and jury duty leave.
  • To ensure our employees are able to protect their income, other offerings such as short and long-term disability benefits, life, accidental death and dismemberment, personal accident, critical illness and business travel and accident insurance are provided or available.
© 2024 Teal Labs, Inc