Cyber Security Operations Center (CSOC) Analyst

Job Description:

Cyber Security Operations Center (CSOC) Analyst

At GDIT, people are our differentiator. As a CSOC Analyst working within the Security Operation Center (SOC) team, you will be responsible for proactively searching for indicators of compromise on systems through planned Threat Hunt missions. Your leadership and technical skills will play a vital role in safeguarding our organization's critical assets and ensuring the integrity of our information systems.

HOW A CYBER SECURITY ANALYST ADVISOR WILL MAKE AN IMPACT:

● Provide Cyber Security/Threat Hunting expertise and deep analysis of raw data from assets supporting Network Security Services, Endpoint Security Services, and Cybersecurity Data Analysis Services

● Proactively search and identify indicators of compromise and anomalous behavior which is indicative of malicious behavior that has not yet met the event/incident threshold, or has not been detected by automated security tools

● Assess data from multiple sources and navigates the cyber terrain to identified suspicious behavior

● Provide input to the daily CSOC Significant Activity Report, the daily CSOC Operations Update, and the Weekly CSOC Status Report

● Identify potential conflicts with implementation of any CND tools within the enterprise and develop recommendations to remediate these conflicts

● Demonstrate systems experience using Security Information and Event Management (SIEM) and and Incident Response analysis

● Knowledge of Network Intrusion Detection System/Intrusion Prevention Systems (NIDS/IPS) as well as Host Intrusion Detection System/Intrusion Prevention Systems (IDS/IPS)

● Knowledge of Security Orchestration Automation and Response (SOAR), Endpoint and Network Detection and Response (EDR/NDR) and User Behavior Analytics (UBA)

● Ability to demonstrate strong analytical and problem-solving, and also leverage interpersonal, organizational, writing, communications, and briefing skills

● Ability to work within a team environment to meet security challenges, by documenting requirements and researching solutions, and providing recommendations for resolution

● Will use experience developing in Bash, Perl, Shell, PowerShell, SQL, D3, HTML, XML, CSS, Bash, JAVA and/or Python scripts, as well as experience writing Splunk queries in Splunk Programming Language (SPL).

WHAT YOU’LL NEED TO SUCCEED:
● Education: BS/BA degree or equivalent work experience and technical certs/training.
● Required Experience: 5+ years of related experience in Cyber Security and Threat Hunting.

● Required: DoD 8570 certs: CEH cert is required but will also consider CCSP (Certified Cloud Security Professional), GSOC, CFR, GCIH, GCIA and/or GSEC

● Required Technical Skills: Cyber Security and Threat Hunting work experience
● Security Clearance Level: Active TS/SCI required

● US Citizenship Required due to the TS/SCI clearance requirement.
● Required Skills and Abilities: Communication, presentation, problem solving, analytical skills, detail oriented, and knowledge of server and client operating systems.
● Preferred Skills: Knowledge of current and emerging threats/threat vectors, and vulnerability information dissemination sources (e.g., alerts, advisories, errata, and bulletins)
● Location: On Customer Site in Newington VA, Monday through Friday, 1st shift only. No weekends or nights.

GDIT IS YOUR PLACE:
● 401K with company match
● Comprehensive health and wellness packages
● Internal mobility team dedicated to helping you own your career
● Professional growth opportunities including paid education and certifications
● Cutting-edge technology you can learn from and make an impact on the world around you.
● Rest and recharge with paid vacation and holidays

#OpportunityOwned

#GDITCareers

#GDITLife

#WeAreGDIT

#ARMA

The likely salary range for this position is $136,000 - $184,000. This is not, however, a guarantee of compensation or salary. Rather, salary will be set based on experience, geographic location and possibly contractual requirements and could fall outside of this range.

Scheduled Weekly Hours:

40

Travel Required:

Less than 10%

Telecommuting Options:

Onsite

Work Location:

USA VA Newington