General Dynamics Information Technology
Cybersecurity Systems Administrator
General Dynamics Information Technology, Tampa, Florida, us, 33646
Information Cybersecurity Systems Administrator
Advance your career while impacting our national security in cyber as an Information Cybersecurity Systems Administrator at GDIT. Here, technologists have many paths to grow a meaningful career supporting cyber missions and operations across the federal government.
Meaningful Work and Personal Impact As a Cybersecurity Systems Administrator, the work you’ll do at GDIT will be impactful to the mission of UISCENTCOM. You will play a crucial role in providing cyber technical support for the Cyber Operations Security Operations Center (CSOC). Support will consist of configuring, tuning, optimizing, and maintaining critical security infrastructure to safeguard the organization’s digital assets against evolving cyber threats. You’ll be responsible for overseeing the operation and maintenance of essential cybersecurity systems, including Security Information and Event Management (SIEM), Endpoint Detection Response (EDR) systems, network access control (Comply-to-Connect), and Security Orchestration, Automation, and Response (SOAR) platforms.
Responsibilities
Configuration and Optimization
Collaborate with cybersecurity stakeholders to define and implement effective configurations for SIEM, EDR, and network access control solutions.
Customize and optimize alert rules, correlation searches, and detection mechanisms within SIEM to align with security requirements and organizational objectives.
Deploy new SIEM instances including clustered deployments and apps.
Fine-tune EDR policies, rulesets, and scanning parameters to enhance endpoint visibility and threat detection capabilities.
Configure network access control policies for the comply-2-connect solution to enforce security posture and mitigate risks associated with unauthorized devices.
Ability to support Linux environment, editing and maintaining Splunk configuration files and apps.
Work with other Cybersecurity Engineering team members and interact with end users to gather requirements, perform troubleshooting, and provide assistance with the creation of Splunk search queries and dashboards.
Integrate cyber tools with a variety of legacy data sources.
Maintenance and Support
Conduct routine maintenance tasks, such as software updates, patches, and performance tuning, to ensure the reliability and efficiency of cybersecurity systems.
Provide timely support and troubleshooting assistance to address issues and incidents related to SIEM, EDR, C2C, and SOAR platforms, collaborating with vendors or higher-level support as necessary.
Perform regular system audits and health checks to identify vulnerabilities, misconfigurations, or performance issues, implementing corrective actions as needed.
Provide occasional presentations of tool capabilities to leadership.
Policy Development and Compliance
Develop and enforce configuration standards, security policies, and operational procedures for cybersecurity systems, ensuring compliance with regulatory requirements and industry best practices.
Monitor compliance with security policies and regulations through audits, assessments, and reporting activities, taking corrective actions to address any deviations or gaps.
Collaborate with compliance and audit teams to streamline regulatory compliance efforts and demonstrate adherence to security standards.
Integrate cybersecurity systems with other security controls, data sources, and IT infrastructure components to create a cohesive security ecosystem.
Develop and maintain automation scripts, playbooks, and workflows within the SOAR platform to automate routine tasks, orchestrate incident response processes, and enhance operational efficiency.
Explore opportunities for innovation and continuous improvement by leveraging automation, orchestration, and integration with emerging technologies and industry trends.
Training and Knowledge Sharing
Provide training sessions and document processes to empower internal teams with the knowledge and skills required to effectively utilize cybersecurity systems.
Share expertise, best practices, and lessons learned with colleagues through formal and informal channels, fostering a culture of collaboration and knowledge sharing within the cybersecurity team.
What You’ll Need to Succeed
Education : Bachelor’s degree in Information Systems, Computer Science, Computer Engineering, or another related field.
Certification : Applicable DoD 8140 or DoD 8570 Certification.
Experience : 5+ years of related experience.
Technical Skills
Proficiency in Linux environments, including system administration tasks and shell scripting for automation and customization.
Solid understanding of cybersecurity principles, threat landscapes, and best practices for configuring and tuning security tools.
Strong analytical skills and attention to detail, with the ability to troubleshoot complex technical issues and optimize system performance.
Excellent communication and collaboration skills, with the ability to interact effectively with technical and non-technical stakeholders.
Demonstrated ability to work independently, prioritize tasks, and meet deadlines in a dynamic and fast-paced environment.
Desired Skills
Prior CENTCOM/COCOM experience.
Previous SOC experience is a plus.
Previous cyber system administration is a plus.
Linux experience.
Required Security Clearance Level : TS/SCI.
U.S. Citizenship
required.
GDIT Is Your Place
Growth: AI-powered career tool that identifies career steps and learning opportunities.
Support: An internal mobility team focused on helping you achieve your career goals.
Rewards: Comprehensive benefits and wellness packages, 401(k) with company match, competitive pay, and paid time off.
Community: Award‑winning culture of innovation and a military‑friendly workplace.
Travel Required: Less than 10% Telecommuting Options: Onsite Work Location: USA FL MacDill AFB
Equal Opportunity Employer / Individuals with Disabilities / Protected Veterans
#J-18808-Ljbffr
Meaningful Work and Personal Impact As a Cybersecurity Systems Administrator, the work you’ll do at GDIT will be impactful to the mission of UISCENTCOM. You will play a crucial role in providing cyber technical support for the Cyber Operations Security Operations Center (CSOC). Support will consist of configuring, tuning, optimizing, and maintaining critical security infrastructure to safeguard the organization’s digital assets against evolving cyber threats. You’ll be responsible for overseeing the operation and maintenance of essential cybersecurity systems, including Security Information and Event Management (SIEM), Endpoint Detection Response (EDR) systems, network access control (Comply-to-Connect), and Security Orchestration, Automation, and Response (SOAR) platforms.
Responsibilities
Configuration and Optimization
Collaborate with cybersecurity stakeholders to define and implement effective configurations for SIEM, EDR, and network access control solutions.
Customize and optimize alert rules, correlation searches, and detection mechanisms within SIEM to align with security requirements and organizational objectives.
Deploy new SIEM instances including clustered deployments and apps.
Fine-tune EDR policies, rulesets, and scanning parameters to enhance endpoint visibility and threat detection capabilities.
Configure network access control policies for the comply-2-connect solution to enforce security posture and mitigate risks associated with unauthorized devices.
Ability to support Linux environment, editing and maintaining Splunk configuration files and apps.
Work with other Cybersecurity Engineering team members and interact with end users to gather requirements, perform troubleshooting, and provide assistance with the creation of Splunk search queries and dashboards.
Integrate cyber tools with a variety of legacy data sources.
Maintenance and Support
Conduct routine maintenance tasks, such as software updates, patches, and performance tuning, to ensure the reliability and efficiency of cybersecurity systems.
Provide timely support and troubleshooting assistance to address issues and incidents related to SIEM, EDR, C2C, and SOAR platforms, collaborating with vendors or higher-level support as necessary.
Perform regular system audits and health checks to identify vulnerabilities, misconfigurations, or performance issues, implementing corrective actions as needed.
Provide occasional presentations of tool capabilities to leadership.
Policy Development and Compliance
Develop and enforce configuration standards, security policies, and operational procedures for cybersecurity systems, ensuring compliance with regulatory requirements and industry best practices.
Monitor compliance with security policies and regulations through audits, assessments, and reporting activities, taking corrective actions to address any deviations or gaps.
Collaborate with compliance and audit teams to streamline regulatory compliance efforts and demonstrate adherence to security standards.
Integrate cybersecurity systems with other security controls, data sources, and IT infrastructure components to create a cohesive security ecosystem.
Develop and maintain automation scripts, playbooks, and workflows within the SOAR platform to automate routine tasks, orchestrate incident response processes, and enhance operational efficiency.
Explore opportunities for innovation and continuous improvement by leveraging automation, orchestration, and integration with emerging technologies and industry trends.
Training and Knowledge Sharing
Provide training sessions and document processes to empower internal teams with the knowledge and skills required to effectively utilize cybersecurity systems.
Share expertise, best practices, and lessons learned with colleagues through formal and informal channels, fostering a culture of collaboration and knowledge sharing within the cybersecurity team.
What You’ll Need to Succeed
Education : Bachelor’s degree in Information Systems, Computer Science, Computer Engineering, or another related field.
Certification : Applicable DoD 8140 or DoD 8570 Certification.
Experience : 5+ years of related experience.
Technical Skills
Proficiency in Linux environments, including system administration tasks and shell scripting for automation and customization.
Solid understanding of cybersecurity principles, threat landscapes, and best practices for configuring and tuning security tools.
Strong analytical skills and attention to detail, with the ability to troubleshoot complex technical issues and optimize system performance.
Excellent communication and collaboration skills, with the ability to interact effectively with technical and non-technical stakeholders.
Demonstrated ability to work independently, prioritize tasks, and meet deadlines in a dynamic and fast-paced environment.
Desired Skills
Prior CENTCOM/COCOM experience.
Previous SOC experience is a plus.
Previous cyber system administration is a plus.
Linux experience.
Required Security Clearance Level : TS/SCI.
U.S. Citizenship
required.
GDIT Is Your Place
Growth: AI-powered career tool that identifies career steps and learning opportunities.
Support: An internal mobility team focused on helping you achieve your career goals.
Rewards: Comprehensive benefits and wellness packages, 401(k) with company match, competitive pay, and paid time off.
Community: Award‑winning culture of innovation and a military‑friendly workplace.
Travel Required: Less than 10% Telecommuting Options: Onsite Work Location: USA FL MacDill AFB
Equal Opportunity Employer / Individuals with Disabilities / Protected Veterans
#J-18808-Ljbffr