General Dynamics is hiring: Cybersecurity Analyst Principal in Bossier City

Job Description

Type of Requisition: RegularClearance Level Must Currently Possess: NoneClearance Level Must Be Able to Obtain: NonePublic Trust/Other Required: BI Full 6C (T4)Job Family: Cyber and IT Risk Management

Job Qualifications: Skills: Cybersecurity, Information Security, Information Technology (IT)Certifications: NoneExperience: 5 + years of related experienceUS Citizenship Required: Yes

Advance your career while impacting our national security in cyber as a Cybersecurity Analyst Principal at GDIT. Here, technologists have many paths to grow a meaningful career supporting cyber missions and operations across the federal government.MEANINGFUL WORK AND PERSONAL IMPACT
As a Cybersecurity Analyst Principal, the work you’ll do at GDIT will be impactful to the mission of the US Department of Education’s Portfolio of Integrated Value-Oriented Technologies (PIVOT). You will play a crucial role via the following responsibilities:

• Oversee the daily operations of the SOC and plans shift activities
• Works closely with Incident Management Team
• Must be willing to lead major incident management process, supports Agency leadership during the activation of major/escalated incidents
• Develop, author, and deliver process improvements for the SOC in order to maintain operational readiness for incident response
• Monitor and report on call volumes, alarm responses, and incident reports to ensure appropriate levels of service are met
• Partner with IT leadership and teams to support operational issues and prepare for potential incidents
• Support annual updates of the incident response concept of operations document
• Support annual incident response tabletop exercises
• Lead, mentor, and coach SOC I and SOC II staff members
• Work as part of a 24x7x365 team delivering real time proactive monitoring and maintenance of supported security tools and associated rules and signatures
• Carry out triage on security events, coordinate incidents with Incident Management Team, IT operations, network engineering, and application teams and support the Incident Management process
• Identify and respond to incidents, to prevent or limit damage to assets, and report incidents
• Detect and analyze incidents, coordinate activities with other stakeholders for containing, eradicating, and recovering from incidents
• Development of advanced analytics and countermeasures to protect critical assets
• IDS monitoring and analysis, network traffic and log analysis, prioritization and differentiation between potential intrusion attempts, determination of false alarms, insider threat and APT detection, and malware analysis/forensics
• Supports the production and maintenance standard operational processes and procedures and playbooks for use by all shift personnel
• Provide enterprise-wide management of security incidents, managed network space, to detect, respond, and report all computer related incidents that includes daily monitoring of information systems, vulnerability remediation, intrusion detection, log reviews, and malware tracking
• Assess, identify, and remediate of the individuals and/or systems affected
• Coordinate all information security incidents complied with timeline specifics
• Coordinate the development of reports from the SIEM, NIDS, and HIDS
• Remain up to date with current attack methods and characteristics in order to identify threats and advise on prevention, mitigation and remediation
• Perform other tasks consistent with the goals and objectives of the department/contract
• Perform other duties as assigned by Senior Program Executive
• Responsible to fully document assigned tickets to show all work performed in order to pass SLRs
• Responsible to manage team to fully document assigned tickets to show all work performed in order to pass SLRs

What You'll Need to Succeed

Bring your cyber expertise and drive for innovation to GDIT. The Cybersecurity Analyst Principal must have: Education: Technical Training, Certification(s) or DegreeExperience: 5+ years of related experience

Required Skills:

• Experience composing threat reports and other management level communications
• Leadership experience of teams of 5 or more
• Vulnerability Management — Nessus Vulnerability Scanning
• Configuration Management – STIG/SCAP compliance baselines for windows, mac, linux
• Splunk SEIM / Log Aggregation experience
• Cloud Security – Familiarity with FedRAMP for IaaS, PaaS, SaaS
• Experienced Incident Response Team (IR/IRT) troubleshooting, root cause analysis and remediation verification.
• Knowledge of Identity Management, ICAM/IDAM and authorization, least privilege, reducing unauthorized elevated access.
• Firewall Understanding including basic networking, sub-netting, IDS, NAT, ACL’s
• Penetration Test Response and Remediation
• DevSecOps — software development lifecycle security –scanning across the lifecycle and baking in application security for developers and containers
• Microsoft Defender for Endpoint experience

Preferred Skills

• ServiceNow ticketing and reporting experience
• Linux, Windows, and Active Directory experience
• Experience with Tenable and Palo Alto network security solutions
• Cloud and mobile device experience
• ForeScout CounterAct, DLP solutions and Cylance AV
• CISSP certification

Security Clearance Level: Must be able to obtain a position of Public Trust with the US Department of Education
US Citizenship Required
Location: Hybrid at GDIT’s Integrated Technology Center in Bossier City, LA

Salary Range: $102,000 – $138,000 (dependent on experience and location)

Travel Required: Less than 10% Telecommuting Options: Hybrid Work Location: USA LA Bossier City

Equal Opportunity Employer / Individuals with Disabilities / Protected Veterans