Cyber Security Incident Response Analyst - TS/SCI with Polygraph

About The Position

Requirements

• 8 + years of related experience
• US Citizenship Required
• Skill in preserving evidence integrity according to standard operating procedures or national standards.
• Knowledge of intrusion detection methodologies and techniques for detecting host and network-based intrusions.
• Knowledge of cyber defense and information security policies, procedures, and regulations.
• Skill in protecting a network against malware.
• Knowledge of incident categories, incident responses, and timelines for responses.
• Knowledge of incident response and handling methodologies.
• Skill in performing damage assessments.
• Knowledge of network security architecture concepts including topology, protocols, components, and principles
• Skill in securing network communications.
• Skill in using security event correlation tools.
• Knowledge of network services and protocols interactions that provide network communications.
• Knowledge of cloud service models and how those models can limit incident response.
• Knowledge of network protocols such as TCP/IP, Dynamic Host Configuration, Domain Name System (DNS), and directory services.
• Knowledge of system administration, network, and operating system hardening techniques.
• Knowledge of different classes of attacks
• Knowledge of cyber attackers
• Knowledge of cyber attack stages
• Knowledge of malware analysis concepts and methodologies.
• Skill of identifying, capturing, containing, and reporting malware.
• Knowledge of system and application security threats and vulnerabilities
• Knowledge of what constitutes a network attack and a network attack’s relationship to both threats and vulnerabilities.
• Skill in recognizing and categorizing types of vulnerabilities and associated attacks.
• Location: McLean, VA
• Core Hours: 9:00 am – 5:00 pm; some flexibility
• Education: Bachelor's Degree (Computer Engineering, Computer Science, Electrical Engineering, Information Systems, Information Technology, Cybersecurity, or a closely related discipline)
• Required Experience: 8+ years with a minimum of 3 years experience in Incident Response and/or Computer Forensic Analyst positions
• Clearance: TS/SCI with Polygraph
• Certifications: Must meet Department of Defense (DOD) 8570.01-M baseline certification requirement for Information Assurances Technical (IAT) Level III CASP+CE, CCNP Security, CISA, or CISSP or Associate, GCED, GCIH, or CCSP

Responsibilities

• Collect intrusion artifacts and use discovered data to enable mitigation of potential cyber defense incidents within the enterprise.
• Coordinate and provide expert technical support to enterprise-wide cyber defense technicians to resolve cyber defense incidents.
• Coordinate incident response functions within a cloud environment.
• Monitor external data sources to maintain currency of cyber defense threat conditions and determine which security issues may have an impact on the enterprise.
• Perform cyber defense trend analysis and reporting.
• Perform initial, forensically sound collection of images and inspect to discern possible mitigation/remediation on enterprise systems.
• Receive and analyze network alerts from various sources within the enterprise and determine possible causes of such alerts.
• Write and publish after-action reviews.
• Write and publish cyber defense techniques, guidance, and reports on incident findings to appropriate constituencies.

Benefits

• Our benefits package for all US-based employees includes a variety of medical plan options, some with Health Savings Accounts, dental plan options, a vision plan, and a 401(k) plan offering the ability to contribute both pre and post-tax dollars up to the IRS annual limits and receive a company match.
• To encourage work/life balance, GDIT offers employees full flex work weeks where possible and a variety of paid time off plans, including vacation, sick and personal time, holidays, paid parental, military, bereavement and jury duty leave.
• To ensure our employees are able to protect their income, other offerings such as short and long-term disability benefits, life, accidental death and dismemberment, personal accident, critical illness and business travel and accident insurance are provided or available.