Junior Cyber Security Analyst - TS/SCI with Polygraph

General Dynamics Information Technology
Colorado Springs, CO
Onsite

About The Position

Own your career as a Cyber Intrusion Detection System Administrator at GDIT. Here, you’ll have the opportunity to build strong lines of cyber defense using cutting-edge technologies. Your work in cyber security at GDIT will have an impact on securing our clients’ missions and ensuring we anticipate the threats of tomorrow. At GDIT, people are our differentiator. As a Cyber Intrusion Detection System Administrator you will help ensure today is safe and tomorrow is smarter. This role involves monitoring day-to-day operations of the sensors (Suricata, Palo Alto, and Splunk) located at supporting customer's locations. You will perform Enterprise Defense Countermeasure (DC) activities and coordinate with other government agencies to record and prepare incident reports and analysis methodology and results. The position also requires monitoring and analyzing signature alerts from Intrusion Detection/Prevention Systems (IDS/IPS) for false positives, providing technical enforcement of organizational security policies, and offering “tune-or-drop” recommendations towards the DC team’s Signature Lifecycle Review procedure. You will provide insight to Detection and Response teams on signature functionality and provide signature tuning as needed, communicate clearly with customers and teammates, maintain current knowledge of relevant technology, and participate in special projects as required.

Requirements

  • Bachelor's Degree and 2+ years of relevant experience; equivalent combinations of education, certifications, and experience will be considered.
  • Splunk Core Certified User
  • DoDD 8140/DoD 8570 CNDSP Analyst baseline cert (example: CEH, CySA+, GCIA, GCIH, CFR, etc.)
  • DoD IAT II (example: Security+, CySA+, GSEC, SSCP, etc.)
  • Security Clearance Level: TS/SCI clearance and ability to pass a Polygraph.
  • Experience with regular expressions.
  • Experience authoring YARA rules.
  • Experience with Perl Compatible Regular Expressions (PCRE).

Nice To Haves

  • Experience in intrusion detection and prevention systems.
  • Proficient in network security technologies and protocols.
  • Dashboarding in Splunk.
  • Palo Alto Certification Next-Generation Firewall

Responsibilities

  • Monitor day-to-day operations of the sensors (Suricata, Palo Alto, and Splunk) located at supporting customer's locations.
  • Perform Enterprise Defense Countermeasure (DC) activities and coordinate with other government agencies to record and prepare incident reports and analysis methodology and results.
  • Monitor and analyze signature alerts from Intrusion Detection/Prevention Systems (IDS/IPS) for false positives.
  • Provide technical enforcement of organizational security policies.
  • Provide “tune-or-drop” recommendations towards the DC team’s Signature Lifecycle Review procedure.
  • Provide insight to Detection and Response teams on signature functionality and provide signature tuning as needed.
  • Communicate with customers and teammates clearly and concisely.
  • Maintain current knowledge of relevant technology as assigned.
  • Participate in special projects as required.

Benefits

  • 401K with company match
  • Comprehensive health and wellness packages
  • Internal mobility team dedicated to helping you own your career
  • Professional growth opportunities including paid education and certifications
  • Cutting-edge technology you can learn from
  • Rest and recharge with paid vacation and holidays
  • A variety of medical plan options, some with Health Savings Accounts
  • Dental plan options
  • A vision plan
  • A 401(k) plan offering the ability to contribute both pre and post-tax dollars up to the IRS annual limits and receive a company match.
  • Full flex work weeks where possible
  • A variety of paid time off plans, including vacation, sick and personal time, holidays, paid parental, military, bereavement and jury duty leave.
  • Short and long-term disability benefits
  • Life, accidental death and dismemberment, personal accident, critical illness and business travel and accident insurance