Cybersecurity Analyst SME
General Dynamics Information Technology, Alexandria, VA, United States
Job Description
GDIT is seeking a Security Operations Center Manager to help support the Defense Manpower Data Center (DMDC) Cybersecurity, Privacy, Records, Information Management, and Environments Support (Cyber Primes) program.
As a Security Operations Center (SOC) Manager, you will be part of a team who is responsible for securing the operations for DMDC and DHRA’s networks via the SOC.
The SOC is the central hub of cybersecurity event monitoring, focused on incident detection, triage, and analysis with the objective of providing continuous monitoring and event analysis to quickly identify security concerns/incidents in a timely manner.
The SOC team is responsible for monitoring, triage, and analysis of all security alerts, along with escalation to Incident Response within the DHRA area of responsibility. Cyber events are triggered 24 hours a day, 7 days a week, 365 days a year (24x7x365).
Responsibilities
Citizenship: US Citizenship required for contract
Certification(s): One of the following certification from the following: CCNA, CySA+, CFR, GCFA, GCIA, or GICSP
Education:
Bachelor’s degree or experience in lieu of education in Cybersecurity, Information Technology, Computer Science, or a related field.
Years’ Experience: 10+ years of experience in cybersecurity
Technical skills :
May serve as a team or task lead
May coach and provide guidance to less experienced professionals
Investigates, analyzes, and responds to cyber incidents within a network environment or enclave
Uses data collected from a variety of cyber defense tools (e.g., IDS alerts, firewalls, network traffic logs) to analyze events that occur within their environments for the purpose of mitigating threats
Interprets, analyzes, and reports all events and anomalies in accordance with computer network directives, including initiating, responding, and reporting discovered events; evaluates, tests, recommends, coordinates, monitors, and maintains cybersecurity policies, procedures, and systems, including access management for hardware, firmware, and software
Ensures that cybersecurity plans, controls, processes, standards, policies, and procedures are aligned with cybersecurity standards
Identifies security risks and exposures, determines the causes of security violations and suggests procedures to halt future incidents and improve security
Develops techniques and procedures for conducting cybersecurity risk assessments and compliance audits, the evaluation and testing of hardware, firmware and software for possible impact on system security, and the investigation and resolution of security incidents such as intrusion, frauds, attacks or leaks
The ability to develop and maintain Tactics, Techniques and Procedures (TTPs) for the SOC
The ability to maintain and provide process improvements on SOC processes and procedures
The ability to manage cyber incidents which includes triage, communication, documenting and responding to the incident in accordance with DoW regulations and policies.
The ability to communicate and provide summaries which can include presentations to all levels of leadership
The ability to manage tasks in accordance with DoW government contracts
Location:
Seaside, CA
Security Clearance level:
Active DOW Top Secret Clearance
Desired Qualifications
Certification(s): Security+, CISSP
Compensation The likely salary range for this position is $169,604 - $229,464. This is not, however, a guarantee of compensation or salary. Rather, salary will be set based on experience, geographic location and possibly contractual requirements and could fall outside of this range.
Benefits Our benefits package for all US-based employees includes a variety of medical plan options, some with Health Savings Accounts, dental plan options, a vision plan, and a 401(k) plan offering the ability to contribute both pre and post-tax dollars up to the IRS annual limits and receive a company match. To encourage work/life balance, GDIT offers employees full flex work weeks where possible and a variety of paid time off plans, including vacation, sick and personal time, holidays, paid parental, military, bereavement and jury duty leave. To ensure our employees are able to protect their income, other offerings such as short and long-term disability benefits, life, accidental death and dismemberment, personal accident, critical illness and business travel and accident insurance are provided or available. We regularly review our Total Rewards package to ensure our offerings are competitive and reflect what our employees have told us they value most.
Growth: AI-powered career tool that identifies career steps and learning opportunities
Support: An internal mobility team focused on helping you achieve your career goals
Rewards: Comprehensive benefits and wellness packages, 401K with company match, and competitive pay and paid time off
Flexibility: Full-flex work week to own your priorities at work
Community: Award-winning culture of innovation and a military-friendly workplace
EEO Statement Equal Opportunity Employer / Individuals with Disabilities / Protected Veterans
#J-18808-Ljbffr
As a Security Operations Center (SOC) Manager, you will be part of a team who is responsible for securing the operations for DMDC and DHRA’s networks via the SOC.
The SOC is the central hub of cybersecurity event monitoring, focused on incident detection, triage, and analysis with the objective of providing continuous monitoring and event analysis to quickly identify security concerns/incidents in a timely manner.
The SOC team is responsible for monitoring, triage, and analysis of all security alerts, along with escalation to Incident Response within the DHRA area of responsibility. Cyber events are triggered 24 hours a day, 7 days a week, 365 days a year (24x7x365).
Responsibilities
Citizenship: US Citizenship required for contract
Certification(s): One of the following certification from the following: CCNA, CySA+, CFR, GCFA, GCIA, or GICSP
Education:
Bachelor’s degree or experience in lieu of education in Cybersecurity, Information Technology, Computer Science, or a related field.
Years’ Experience: 10+ years of experience in cybersecurity
Technical skills :
May serve as a team or task lead
May coach and provide guidance to less experienced professionals
Investigates, analyzes, and responds to cyber incidents within a network environment or enclave
Uses data collected from a variety of cyber defense tools (e.g., IDS alerts, firewalls, network traffic logs) to analyze events that occur within their environments for the purpose of mitigating threats
Interprets, analyzes, and reports all events and anomalies in accordance with computer network directives, including initiating, responding, and reporting discovered events; evaluates, tests, recommends, coordinates, monitors, and maintains cybersecurity policies, procedures, and systems, including access management for hardware, firmware, and software
Ensures that cybersecurity plans, controls, processes, standards, policies, and procedures are aligned with cybersecurity standards
Identifies security risks and exposures, determines the causes of security violations and suggests procedures to halt future incidents and improve security
Develops techniques and procedures for conducting cybersecurity risk assessments and compliance audits, the evaluation and testing of hardware, firmware and software for possible impact on system security, and the investigation and resolution of security incidents such as intrusion, frauds, attacks or leaks
The ability to develop and maintain Tactics, Techniques and Procedures (TTPs) for the SOC
The ability to maintain and provide process improvements on SOC processes and procedures
The ability to manage cyber incidents which includes triage, communication, documenting and responding to the incident in accordance with DoW regulations and policies.
The ability to communicate and provide summaries which can include presentations to all levels of leadership
The ability to manage tasks in accordance with DoW government contracts
Location:
Seaside, CA
Security Clearance level:
Active DOW Top Secret Clearance
Desired Qualifications
Certification(s): Security+, CISSP
Compensation The likely salary range for this position is $169,604 - $229,464. This is not, however, a guarantee of compensation or salary. Rather, salary will be set based on experience, geographic location and possibly contractual requirements and could fall outside of this range.
Benefits Our benefits package for all US-based employees includes a variety of medical plan options, some with Health Savings Accounts, dental plan options, a vision plan, and a 401(k) plan offering the ability to contribute both pre and post-tax dollars up to the IRS annual limits and receive a company match. To encourage work/life balance, GDIT offers employees full flex work weeks where possible and a variety of paid time off plans, including vacation, sick and personal time, holidays, paid parental, military, bereavement and jury duty leave. To ensure our employees are able to protect their income, other offerings such as short and long-term disability benefits, life, accidental death and dismemberment, personal accident, critical illness and business travel and accident insurance are provided or available. We regularly review our Total Rewards package to ensure our offerings are competitive and reflect what our employees have told us they value most.
Growth: AI-powered career tool that identifies career steps and learning opportunities
Support: An internal mobility team focused on helping you achieve your career goals
Rewards: Comprehensive benefits and wellness packages, 401K with company match, and competitive pay and paid time off
Flexibility: Full-flex work week to own your priorities at work
Community: Award-winning culture of innovation and a military-friendly workplace
EEO Statement Equal Opportunity Employer / Individuals with Disabilities / Protected Veterans
#J-18808-Ljbffr