Cybersecurity Operations Analyst

2 weeks ago


Springfield, Virginia, United States General Dynamics Information Technology Full time

Type of Requisition:
Regular

Clearance Level Must Currently Possess:
Top Secret SCI + Polygraph

Clearance Level Must Be Able to Obtain:
Top Secret SCI + Polygraph

Suitability:

Public Trust/Other Required:

Job Family:
Cyber Security

Job Qualifications:


Skills:

Cybersecurity, HP ArcSight, SIEM Tools

Certifications:

Experience:
3 + years of related experience

US Citizenship Required:
Yes

Job Description:

Key Responsibilities Include:
Deliver comprehensive preventative and corrective maintenance to guarantee consistent, reliable, and secure service availability.

This encompasses all necessary actions to restore the service to full operational capability, including vendor RMA processes, removal and proper disposal of malfunctioning equipment/software, installation and testing of new equipment/software, and configuration of new equipment/software. Maintain system availability and reliability with a target threshold of 99.99%. Identify and ticket degradations (volume/velocity) of all SIEM data flows within 60 minutes of the onset of the degradation. Conduct routine maintenance and specific scheduled maintenance activities based on manufacturer-recommended service intervals, alerts, bulletins, available patches, and updates in accordance with agency-approved change management processes.

This includes maintaining updated documentation, change logs, and service bulletin libraries for all supported equipment and software in the CSOC knowledge management platform. Execute emergency maintenance actions with sufficient urgency to prevent unacceptable outage durations, approved by the Government prior to execution, and coordinated through and approved by CSOC and ESC government management. Perform all development, engineering, testing, integration, and implementation actions necessary for significant vendor revisions. Conduct continuous engineering assessments to enhance the performance, effectiveness, coverage, and maturity of this service.

Retain documentation regarding loss of event logs (e.g., June 5-7th DNS logs were not ingested from SBU and are lost). Configure all assets assigned to this service within the Government Furnished Information - Software Tools list in compliance with all Federal, DoD, IC, and NGA laws, directives, orders, policies, guidance, and procedures.

Perform all development, design, engineering, testing, integration, and implementation actions required for the total integration and interoperability between all applicable assets in the Government Furnished Information - Software Tools list.

This includes ensuring all data flows are accurately parsed for ingestion/transmission to internal and external automated reporting systems (e.g., JFHQ DoDIN – Joint Incident Management System, DoD CIO – DoD Scorecard/Get to Green reporting, IC CIO – Cybersecurity Performance Evaluation Model reporting, etc.).

Utilize agency-approved ticketing systems to document, track, assign, update, and coordinate all engineering, integration, configuration, and maintenance actions. Employ various monitoring, analysis, and visualization tools to assess effectiveness, status, performance metrics, and other information as required by Government staff and contractors assigned to Cybersecurity Operations Services and Cybersecurity Readiness Services.

Required Skills:

SIEM experience with one of the following: ArcSight, Elasticsearch, Splunk, Event Broker, User Behavioral Analysis (UBA).

Experience providing support to Cybersecurity Operations Cell (CSOC) in creating alerting rules.

Create SIEM playbooks.

Linux (RHEL) Expert (administration and engineering).

Proficient in manipulating SIEM filters to better identify and analyze potential malicious/atypical activity and reduce false positives.

Experience with content development within ArcSight and Kibana to facilitate Cyber Analysts' ability to investigate malicious events.

Creation of ArcSight rules based on use cases of malicious events.

Tuning and aggregation of queries and filters.

Skilled in troubleshooting event flow through Enterprise Audit infrastructure.

Skilled in troubleshooting event format and parsing for ingestion into data storage and into SIEM tools.

Active TS/SCI Clearance.

DoD M IAT Level II and CSSP Infrastructure Support certifications.

3+ years' Experience with SIEM and Development Projects.

3+ years' Experience with SIEM support for projects and technical exchange meetings.

6+ years' Experience developing and maintaining enterprise audit projects.

Desired Skills:

Kibana Data Analytics

Investigates, analyzes, and responds to cyber incidents within a network environment or enclave.


Utilizes data collected from various cyber defense tools (e.g., IDS alerts, firewalls, network traffic logs) to analyze events occurring within their environments for the purpose of mitigating threats.


Interprets, analyzes, and reports all events and anomalies in accordance with computer network directives, including initiating, responding, and reporting discovered events.


Evaluates, tests, recommends, coordinates, monitors, and maintains cybersecurity policies, procedures, and systems, including access management for hardware, firmware, and software.

Ensures that cybersecurity plans, controls, processes, standards, policies, and procedures are aligned with cybersecurity standards.

Identifies security risks and exposures, determines the causes of security violations, and suggests procedures to prevent future incidents and enhance security.

Develops techniques and procedures for conducting cybersecurity risk assessments and compliance audits, the evaluation and testing of hardware, firmware, and software for potential impact on system security, and the investigation and resolution of security incidents such as intrusion, fraud, attacks, or leaks.

May coach and provide guidance to less experienced professionals.

May serve as a team or task lead.

EDUCATION AND EXPERIENCE:
Technical Training, Certification(s) or Degree, 5+ years of experience

Scheduled Weekly Hours:
40

Travel Required:
None

Telecommuting Options:
Onsite

Total Rewards at GDIT:


Our benefits package for all US-based employees includes a variety of medical plan options, some with Health Savings Accounts, dental plan options, a vision plan, and a 401(k) plan offering the ability to contribute both pre and post-tax dollars up to the IRS annual limits and receive a company match.

To encourage work/life balance, GDIT offers employees full flex work weeks where possible and a variety of paid time off plans, including vacation, sick and personal time, holidays, paid parental, military, bereavement, and jury duty leave.

To ensure our employees are able to protect their income, other offerings such as short and long-term disability benefits, life, accidental death and dismemberment, personal accident, critical illness, and business travel and accident insurance are provided or available.

We regularly review our Total Rewards package to ensure our offerings are competitive and reflect what our employees have told us they value most.

We are GDIT.

A global technology and professional services company that delivers consulting, technology, and mission services to every major agency across the U.S. government, defense, and intelligence community.

Our 30,000 experts extract the power of technology to create immediate value and deliver solutions at the edge of innovation.

We operate across 30 countries worldwide, offering leading capabilities in digital modernization, AI/ML, Cloud, Cyber, and application development.

Together with our clients, we strive to create a safer, smarter world by harnessing the power of deep expertise and advanced technology.


We connect people with the most impactful client missions, creating an unparalleled work experience that allows them to see their impact every day.

We create opportunities for our people to lead and learn simultaneously.

From securing our nation's most sensitive systems to enabling digital transformation and cloud adoption, our people are the ones who make change real.

GDIT is an Equal Opportunity/Affirmative Action employer.

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.


