Cyber Security Analyst Law Enforcement SME

CYBERSECURITY ANALYST SME

Own your career as a Cybersecurity Analyst SME at GDIT. Here, you’ll have the opportunity to build strong lines of cyber defense using cutting-edge technologies. Your work in cyber security at GDIT will have an impact on securing our clients’ missions and ensuring we anticipate the threats of tomorrow. At GDIT, people are our differentiator. As a Cybersecurity Analyst SME, you will help ensure today is safe and tomorrow is smarter. Our work depends on you joining our team.

THE PROGRAM:

Work on the program responsible for continually monitoring, detecting, and responding to security incidents that may occur on the networks, IT services, and systems of a large Federal agency where you will be part of a centralized command and control environment, ensuring seamless collaboration among security analysts, threat intelligence teams, streamlined incident response workflows, collaborative intelligence-sharing platforms, and stakeholders in addition to facilitating the collection and correlation of data from various sources, supporting the mission to detect, respond to, and mitigate cyber threats promptly.

You will be part of the watch floor team which operates around the clock, 24/7, 365 days a year, to ensure the timely detection and resolution of potential security incidents, thereby minimizing the impact of cyber threats on the organization. The watch floor team is responsible for actively detecting, monitoring, preventing, and analyzing real-time cybersecurity information, events, and threats. Serving as the operational hub, the watch floor plays a critical role in safeguarding the confidentiality, integrity, and availability of the organization's information assets.

KEY RESPONSIBILITIES

• Monitor/analyze security alerts and incidents in real-time using advanced security tools.

• Respond to and provide thorough analysis and documentation for security incidents.

• Collaborate with the Watch Floor Team and other cybersecurity professionals to develop, implement, and maintain cybersecurity strategies, policies, procedures, and incident response plans.

• Prepare threat assessments and vulnerability analyses to identify vulnerabilities and improve defense strategies.

• Reports and briefings to leadership on security incidents, trends, and recommendations to enhance the agency security posture

•  Utilize Splunk Enterprise Security and Microsoft Sentinel for monitoring and analyzing security events.

• Maintain currency on the latest cybersecurity trends, threats, and technologies.

WHAT YOU’LL NEED TO SUCCEED:

8+ years’ experience with:

• Cybersecurity principles, practices, and frameworks, including Incident Response Frameworks, Executive Orders and National Cybersecurity Strategies, CIS Controls, ISO/IEC 27001, NIST Cybersecurity Framework and Federal Information Security Management Act (FISMA)

• Compliance requirements and regulations relevant to cybersecurity, such as GDPR, HIPAA, and PCI DSS, ensuring adherence to industry standards

• Security information and event management (SIEM) tools

• Collaboration with SOC analysts and other security stakeholders to understand the organization's security needs and translate them into actionable use cases

•  Documentation skills to create and maintain comprehensive incident response procedures, playbooks, and detailed reports on security incidents

● Software Experience

• Splunk Enterprise Security Software (required)

• Security information and event management (SIEM) experience (required) with Microsoft Sentinel Software (preferred)

● Certification (one of the following is preferred)

• GIAC Continuous Monitoring (GMON)

• GIAC Certified Incident Handler (GCIH)

• GIAC Certified Forensic Analyst (GCFA)

• GIAC Certified Intrusion Analyst (GCIA)

• GIAC Network Forensic Analyst (GNFA)

● Education:

Minimum Education: Bachelors in Cybersecurity, Information Technology or a related field and minimum of 8 years’ experience.

Substitutions Allowed: No Degree- 12 years; Associates- 10 years; Master's- 6 years; Ph.D.- 4 years

● Security Clearance Level:

Top Secret (TS) level with the ability to obtain access to Sensitive Compartmented Information (TS/SCI)

● Location: Onsite

● US Citizenship Required

GDIT IS YOUR PLACE:
● 401K with company match
● Comprehensive health and wellness packages
● Internal mobility team dedicated to helping you own your career
● Professional growth opportunities including paid education and certifications
● Cutting-edge technology you can learn from
● Rest and recharge with paid vacation and holidays