SOC Cyber Security Analyst

Req ID: RQ172698Type of Requisition: RegularClearance Level Must Be Able to Obtain: SecretJob Family: Information SecuritySkills:Cyber Defense,Cybersecurity,Information Assurance,Information Systems,Systems SecurityCertifications:Security+, CE - CompTIA-Security+ CE, Certified Ethical Hacker (CEH) - EC Council, Cisco Certified Network Associate (CCNA) Security - Cisco SystemsExperience:4 + years of related experienceUS Citizenship Required:YesJob Description:We are GDIT. The people supporting and securing some of the most complex government, defense, and intelligence projects across the country. We ensure today is safe and tomorrow is smarter. Our work has meaning and impact on the world around us, but also on us, and that’s important. GDIT is your place. You make it your own by embracing autonomy, seizing opportunity, and being trusted to deliver your best every day. We think. We act. We deliver. There is no challenge we can’t turn into opportunity.At GDIT, people are our differentiator. We are seeking a Systems Operation Center Cyber Security Analyst to provide timely and professional cyber support. To be successful in this position you need to be collaborative and willing to work within a team. While you will need to be a self-starter, completing tasks on your own, working together is critical in this role. You will be interfacing with users and senior staff. Therefore, you should be articulate in your communications. You will need to explain technical intricacies to end users in a way that is easily understood. You will need to maintain a high-level customer service focus, exhibiting expertise, courtesy, timeliness, and professionalism. Provide technical support and troubleshooting services for incoming queries and issues related to computer systems, software, and hardware and assist the Service Desk Manager as needed.This is an IT Service Management contract in support of the operation, modernization, expansion, and further evolution of the ARNG’s global Information Technology (IT) services including networking, compute, storage, infrastructure, applications, hosting, and program management services. The GECOS program supports the ARNG enterprise IT infrastructure, its Wide Area Network (WAN), authentication and directory services, cybersecurity, application hosting, and associated services. GECOS uses ITIL best practices framework as the basis for IT Service Management (ITSM) model.Work Location and Shift Schedule:Selected candidate will support full-time onsite at our Fairview Park/Falls Church, VA facility. This role follows a BOW-N work schedule: Alt-Sat/Sun/Mon/Tue 1900-0700.How the SOC Cyber Security Analyst will make an impact:Performs forensic analysis of digital information and gathers and handles evidence. Identifies network computer intrusion evidence and perpetrators.Uses data collected from a variety of cyber defense tools (e.g., IDS alerts, firewalls, network traffic logs) to analyze events that occur within their environments for the purposes of mitigating threats.Interprets, analyzes, and reports all events and anomalies in accordance with computer network directives, including initiating, responding, and reporting discovered events.Evaluates, tests, recommends, coordinates, monitors, and maintains cybersecurity policies, procedures, and systems, including access management for hardware, firmware, and software.Ensures that cybersecurity plans, controls, processes, standards, policies, and procedures are aligned with cybersecurity standards.Identifies security risks and exposures, determines the causes of security violations, and suggests procedures to halt future incidents and improve security.Develops techniques and procedures for conducting cybersecurity risk assessments and compliance audits, the evaluation and testing of hardware, firmware, and software for possible impact on system security, and the investigation and resolution of security incidents such as intrusion, frauds, attacks, or leaks.Correlates data feeds and logs to analyze with known threats and incidents, build, implement, and refine event correlation rules, logic, content, and analysis techniques that will enable SOC personnel to correlate events and security incidents with specific sources, such as individuals, threat actors, IT systems, devices, and IP addresses.Responsible for performing correlation activities and trend analysis to discover attack patterns and assess the risks and potential exposure of assets and develop and enhance correlation rules, logic, and analysis techniques for associating data. Provides guidance to junior-level staff, as necessary.May coach and provide guidance to less-experienced professionals.May serve as a team or task lead .Ensure cybersecurity inspections, tests, assessments, and reviews are synchronized and coordinated with all stakeholders.Assists in the implementation, management, and administration of the organization’s structure and workflow within eMASS.Conduct reviews of cybersecurity information papers and plans with CYBERCOM, ARCYBER, Air National Guard Cyber, National Security Agency (NSA), Federal Bureau of Investigations (FBI), Department of Justice (DOJ), and Department of Homeland Security (DHS).Assists in the enforcement of the DoD Cyberspace Workforce Framework (DCWF) and cybersecurity certification program to ensure training and certification requirements are enforced, managed, and reported.Assists ARNG with the implementation of a documented and streamlined process for reviewing, processing, and approving systems access requests to eMASS in support of the RMF.Assists in examining the security architecture and vulnerabilities of systems in cooperation with system owners and administrators through security scans, examinations of system configurations, reviews of system design documentation, and interviews.Support the identification, dissemination and delivery of approved policy and process documentation in support of system(s) authorization efforts through DoD, Army and NIST guidance.What you’ll need to succeed (Required Qualifications):Bachelor’s Degree and a minimum of 4 years related technical experience required. An additional 4 years of experience may be substituted in lieu of a degree.Minimum of an active Secret security clearance is required.Must Possess the appropriate baseline certification(s) to achieve DoD 8570.01-M Information Assurance Technical (IAT) Level II (Security+). In addition, selected candidate will need to possess/obtain an additional certification within six-month of hire to include one of the CSSP sections certifications (i.e., CEH, CCNA-Security, CND, etc.).Demonstrated experience supporting DoD 2875 account request processes and the ACTCS training system .Must have customer service experience as this position will require candidate to engage with senior military and government leadership.Must be able to present your ideas clearly through briefings, meetings, and interaction with leadership of different skill sets.Must be able to provide training sessions as required.Must be able to engage with stakeholders to ensure tasks are progressing and meeting timelines.Selected candidate will support full-time onsite at our Fairview Park/Falls Church, VA facility. This role follows a BOW-N work schedule: Alt-Sat/Sun/Mon/Tue 1900-0700.We are GDIT. A global technology and professional services company that delivers consulting, technology and mission services to every major agency across the U.S. government, defense and intelligence community. Our 30,000 experts extract the power of technology to create immediate value and deliver solutions at the edge of innovation. We operate across 30 countries worldwide, offering leading capabilities in digital modernization, AI/ML, Cloud, Cyber and application development. Together with our clients, we strive to create a safer, smarter world by harnessing the power of deep expertise and advanced technology.We connect people with the most impactful client missions, creating an unparalleled work experience that allows them to see their impact every day. We create opportunities for our people to lead and learn simultaneously. From securing our nation’s most sensitive systems, to enabling digital transformation and cloud adoption, our people are the ones who make change real.GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.