Cyber Information Response Team (CIRT) Analyst

About The Position

Requirements

• 4+ years of practical experience in a Cybersecurity, Engineering, T&E, or A&A-related field.
• Prior experience with cyber incident response, especially on DoD networks; digital forensics
• Must Possess the appropriate baseline certification(s) to achieve a minimum of DoD 8570.01-M Information Assurance Technical (IAT) Level II (i.e., CompTIA Security+ CE) prior to start.
• Will need to obtain an additional computing environment certification within six-months of hire based on position designation. (i.e., CEH, CCNA-Security, CND, etc.).
• Active SECRET security clearance required and must be maintained.
• Bachelor’s degree in information technology, computer science or a related technical discipline, or the equivalent combination of education, technical certifications or training, or work experience.
• Strong understanding of cybersecurity concepts, including mitigation strategies, root cause analysis, and Red Team operations.
• Familiarity with current cyber defense tools and technologies.
• Excellent oral and written communication skills for both technical and non-technical audiences.
• Strong organizational skills for multitasking and meeting deadlines.
• Ability to work independently, adapt to fast-paced environments, and solve complex problems.
• Collaborative mindset with strong customer service skills.
• Dependability, punctuality, and responsiveness to management.
• Attention to detail, problem-solving capabilities, and analytical thinking.
• Ability to build trust, credibility, and strong working relationships with both customers and team members.

Responsibilities

• Collect and analyze network and/or host artifacts from various sources, including logs, system images, and packet captures, to: characterize activity, determine the root cause and operational impact, and enable rapid remediation and/or mitigation of cyber threats.
• Perform triage of cyber incidents, identifying scope, urgency, and potential impact.
• Provide technical support for real-time cyber defense incident handling tasks.
• Proactively identify and recommend mitigations for vulnerabilities.
• Demonstrate effectiveness through handling Red Team activity and investigation.
• Manage, document, and track cyber defense incidents from detection to resolution.
• Update and maintain Incident Response tactics, techniques, procedures, and training documentation.
• Prepare and conduct training courses related to incident response at least four times per calendar year.
• Support efforts to maintain the customer's CSSP (Cyber Security Service Provider) accreditation, including documentation and technical writing.
• Rapidly respond to time-sensitive security events and work collaboratively under tight deadlines.
• Participate in cross-functional teams and meetings to improve cybersecurity posture.
• Provide on-call and after-hours support as needed.
• Proficiency in collecting and analyzing logs, system images, and other artifacts.
• Investigating and resolving cybersecurity incidents.

Benefits

• Our benefits package for all US-based employees includes a variety of medical plan options, some with Health Savings Accounts, dental plan options, a vision plan, and a 401(k) plan offering the ability to contribute both pre and post-tax dollars up to the IRS annual limits and receive a company match.
• To encourage work/life balance, GDIT offers employees full flex work weeks where possible and a variety of paid time off plans, including vacation, sick and personal time, holidays, paid parental, military, bereavement and jury duty leave.
• To ensure our employees are able to protect their income, other offerings such as short and long-term disability benefits, life, accidental death and dismemberment, personal accident, critical illness and business travel and accident insurance are provided or available.