Cybersecurity Analyst SME
General Dynamics Information Technology, Seaside, CA, United States
Job Title
Security Operations Center Manager
Overview GDIT is seeking a Security Operations Center (SOC) Manager to help support the Defense Manpower Data Center (DMDC) Cybersecurity, Privacy, Records, Information Management, and Environments Support (Cyber Primes) program. The SOC is the central hub of cybersecurity event monitoring, focused on incident detection, triage, and analysis with the objective of providing continuous monitoring and event analysis to quickly identify security concerns/incidents in a timely manner. The SOC team monitors, triages, and analyzes all security alerts, and escalates to Incident Response within the DHRA area of responsibility. Cyber events are triggered 24-hours a day, 7-days a week, 365 days a year (24x7x365).
Responsibilities
Lead the SOC team and provide guidance to less experienced professionals.
Investigate, analyze, and respond to cyber incidents within a network environment or enclave.
Use data collected from a variety of cyber defense tools (e.g., IDS alerts, firewalls, network traffic logs) to analyze events and mitigate threats.
Interpret, analyze, and report all events and anomalies in accordance with computer network directives, including initiating, responding, and reporting discovered events.
Evaluate, test, recommend, coordinate, monitor, and maintain cybersecurity policies, procedures, and systems, including access management for hardware, firmware, and software.
Ensure that cybersecurity plans, controls, processes, standards, policies, and procedures are aligned with cybersecurity standards.
Identify security risks and exposures, determine causes of security violations, and suggest procedures to halt future incidents and improve security.
Develop techniques and procedures for conducting cybersecurity risk assessments and compliance audits, and investigate and resolve security incidents such as intrusion, fraud, attacks, or leaks.
Develop and maintain Tactics, Techniques, and Procedures (TTPs) for the SOC.
Maintain and provide process improvements on SOC processes and procedures.
Manage cyber incidents, including triage, communication, documentation, and response in accordance with DoW regulations and policies.
Communicate and provide summaries, including presentations, to all levels of leadership.
Manage tasks in accordance with DoW government contracts.
Required Qualifications
Citizenship: US Citizenship required for contract.
Certification(s): One of the following certification from the following: CCNA, CySA+, CFR, GCFA, GCIA, or GICSP.
Education: Bachelor’s degree or experience in lieu of education in Cybersecurity, Information Technology, Computer Science, or a related field.
Years’ Experience: 10+ years of experience in cybersecurity.
Technical Skills:
May serve as a team or task lead.
May coach and provide guidance to less experienced professionals.
Investigates, analyzes, and responds to cyber incidents within a network environment or enclave.
Uses data collected from a variety of cyber defense tools to analyze events that occur within their environments for the purpose of mitigating threats.
Interprets, analyzes, and reports all events and anomalies in accordance with computer network directives.
Evaluates, tests, recommends, coordinates, monitors, and maintains cybersecurity policies, procedures, and systems, including access management for hardware, firmware, and software.
Ensures that cybersecurity plans, controls, processes, standards, policies, and procedures are aligned with cybersecurity standards.
Identifies security risks and exposures, determines the causes of security violations and suggests procedures to halt future incidents and improve security.
Develops techniques and procedures for conducting cybersecurity risk assessments and compliance audits, the evaluation and testing of hardware, firmware, and software for possible impact on system security, and the investigation and resolution of security incidents such as intrusion, fraud, attacks or leaks.
Develops and maintains Tactics, Techniques and Procedures (TTPs) for the SOC.
Maintains and provides process improvements on SOC processes and procedures.
Manages Cyber Incidents which includes triage, communication, documenting and responding to the incident in accordance with DoW regulations and policies.
Communicates and provides summaries which can include presentations to all levels of leadership.
Manages tasks in accordance with DoW government contracts.
Location: Seaside, CA.
Security Clearance level: Active DOW Top Secret Clearance.
Desired Qualifications
Certification(s): Security+, CISSP.
Benefits
Growth: AI-powered career tool that identifies career steps and learning opportunities.
Support: An internal mobility team focused on helping you achieve your career goals.
Rewards: Comprehensive benefits and wellness packages, 401K with company match, and competitive pay and paid time off.
Flexibility: Full-flex work week to own your priorities at work.
Community: Award-winning culture of innovation and a military-friendly workplace.
Other Compensation and Work Details Salary Range: $169,604 - $229,464 (based on experience, location, and contractual requirements).
Scheduled Weekly Hours: 40
Travel Required: Less than 10%
Telecommuting Options: Onsite
Work Location: USA CA Seaside
Equal Opportunity Employer Equal Opportunity Employer / Individuals with Disabilities / Protected Veterans
#J-18808-Ljbffr
Overview GDIT is seeking a Security Operations Center (SOC) Manager to help support the Defense Manpower Data Center (DMDC) Cybersecurity, Privacy, Records, Information Management, and Environments Support (Cyber Primes) program. The SOC is the central hub of cybersecurity event monitoring, focused on incident detection, triage, and analysis with the objective of providing continuous monitoring and event analysis to quickly identify security concerns/incidents in a timely manner. The SOC team monitors, triages, and analyzes all security alerts, and escalates to Incident Response within the DHRA area of responsibility. Cyber events are triggered 24-hours a day, 7-days a week, 365 days a year (24x7x365).
Responsibilities
Lead the SOC team and provide guidance to less experienced professionals.
Investigate, analyze, and respond to cyber incidents within a network environment or enclave.
Use data collected from a variety of cyber defense tools (e.g., IDS alerts, firewalls, network traffic logs) to analyze events and mitigate threats.
Interpret, analyze, and report all events and anomalies in accordance with computer network directives, including initiating, responding, and reporting discovered events.
Evaluate, test, recommend, coordinate, monitor, and maintain cybersecurity policies, procedures, and systems, including access management for hardware, firmware, and software.
Ensure that cybersecurity plans, controls, processes, standards, policies, and procedures are aligned with cybersecurity standards.
Identify security risks and exposures, determine causes of security violations, and suggest procedures to halt future incidents and improve security.
Develop techniques and procedures for conducting cybersecurity risk assessments and compliance audits, and investigate and resolve security incidents such as intrusion, fraud, attacks, or leaks.
Develop and maintain Tactics, Techniques, and Procedures (TTPs) for the SOC.
Maintain and provide process improvements on SOC processes and procedures.
Manage cyber incidents, including triage, communication, documentation, and response in accordance with DoW regulations and policies.
Communicate and provide summaries, including presentations, to all levels of leadership.
Manage tasks in accordance with DoW government contracts.
Required Qualifications
Citizenship: US Citizenship required for contract.
Certification(s): One of the following certification from the following: CCNA, CySA+, CFR, GCFA, GCIA, or GICSP.
Education: Bachelor’s degree or experience in lieu of education in Cybersecurity, Information Technology, Computer Science, or a related field.
Years’ Experience: 10+ years of experience in cybersecurity.
Technical Skills:
May serve as a team or task lead.
May coach and provide guidance to less experienced professionals.
Investigates, analyzes, and responds to cyber incidents within a network environment or enclave.
Uses data collected from a variety of cyber defense tools to analyze events that occur within their environments for the purpose of mitigating threats.
Interprets, analyzes, and reports all events and anomalies in accordance with computer network directives.
Evaluates, tests, recommends, coordinates, monitors, and maintains cybersecurity policies, procedures, and systems, including access management for hardware, firmware, and software.
Ensures that cybersecurity plans, controls, processes, standards, policies, and procedures are aligned with cybersecurity standards.
Identifies security risks and exposures, determines the causes of security violations and suggests procedures to halt future incidents and improve security.
Develops techniques and procedures for conducting cybersecurity risk assessments and compliance audits, the evaluation and testing of hardware, firmware, and software for possible impact on system security, and the investigation and resolution of security incidents such as intrusion, fraud, attacks or leaks.
Develops and maintains Tactics, Techniques and Procedures (TTPs) for the SOC.
Maintains and provides process improvements on SOC processes and procedures.
Manages Cyber Incidents which includes triage, communication, documenting and responding to the incident in accordance with DoW regulations and policies.
Communicates and provides summaries which can include presentations to all levels of leadership.
Manages tasks in accordance with DoW government contracts.
Location: Seaside, CA.
Security Clearance level: Active DOW Top Secret Clearance.
Desired Qualifications
Certification(s): Security+, CISSP.
Benefits
Growth: AI-powered career tool that identifies career steps and learning opportunities.
Support: An internal mobility team focused on helping you achieve your career goals.
Rewards: Comprehensive benefits and wellness packages, 401K with company match, and competitive pay and paid time off.
Flexibility: Full-flex work week to own your priorities at work.
Community: Award-winning culture of innovation and a military-friendly workplace.
Other Compensation and Work Details Salary Range: $169,604 - $229,464 (based on experience, location, and contractual requirements).
Scheduled Weekly Hours: 40
Travel Required: Less than 10%
Telecommuting Options: Onsite
Work Location: USA CA Seaside
Equal Opportunity Employer Equal Opportunity Employer / Individuals with Disabilities / Protected Veterans
#J-18808-Ljbffr