• Cyber Security Analyst Associate - SOC Tier I (New Grad)

    General Dynamics Information Technology, Ashburn, VA 20147

    Job #1580056842

  • Type of Requisition: Regular

    Clearance Level Must Be Able to Obtain: Secret

    Job Family: Cyber Security

    GDIT's Early Career Program is designed with you in mind! Our new graduate opportunities are intended for recent college graduates with 0-1 year of professional work experience. At GDIT, every day, we influence how the government serves the country and its citizens. Starting your career with GDIT, allows you the opportunity to be a part of critical missions that don't just shape the world, but the individual.

    GDIT is seeking a Tier 1 Cyber Security Analyst Associate (New Grad) in Bossier City, Louisiana.

    Candidates for this position must reside in Louisiana.

    The Tier 1 Analyst is directly responsible for the first-level monitoring, triage, and communication of security events received into the SOC. Level 1 Analysts will use SIEM technology to triage alerts as they enter the SOC from network and security systems/applications, the client, and/or from intelligence sources. Furthermore, the Analyst may be required to both monitor and utilize third-party toolsets in the client environment to assist with the identification of security threats.

    RESPONSIBILITIES: In this position the successful candidate will perform Tier 1 triage and escalation to support SOC operations including:

    • Provides technical support on post-event network security logs and trend analysis. Detects the full spectrum of known cyberattacks (e.g., DDoS, malware, phishing, others).

    • Uncovers security and compliance violations.

    • Pinpoints location of compromised systems and devices.

    • Correlates events from the various components in the IT security infrastructure and identifies attacks and breaches.

    • Associates and correlates IP address related events with specific systems or devices in the IT infrastructure.

    • Identifies and analyzes intelligence information about threats to the customer's information processing systems.

    • Conducts cyber incident and event monitoring.

    • Identify anomalous and malicious activity.

    • Recognize potential, successful, and unsuccessful intrusion attempts and compromises through thorough triage of events, utilizing relevant event detail and summary information.

    • Ensure the integrity and protection of networks, systems, and applications through monitoring of security devices. React to customer escalations.

    • Observes and documents actions taken by malicious actors in customer networks.

    • Contribute to detection content creation; prioritize, rank, and escalate incidents.

    • Experience working within a wide range of environments, including Linux, UNIX, and Windows, in addition to a strong understanding of networking, the OSI model, and TCP/IP protocols.

    • Maintain an understanding of the current vulnerabilities, response, and mitigation strategies used in cyber security operations.

    SKILLS

    • Security Information and Event Management (SIEM)

    • Cloud computing

    • Familiarity with Federal and DoD security standards such as NIST, DCID, CNSS and DoD 8500. Experience in implementation of ITIL practices and ISO 2700 family of standards.

    • Windows, UNIX and Linux operating systems

    • IDS/IPS, penetration and vulnerability testing

    • DLP, anti-virus and anti-malware

    • TCP/IP, computer networking, routing and switching

    • Firewall and intrusion detection/prevention protocols

    • Computer networking fundamentals (i.e., basic computer components of a network, types of networks, etc.) and network traffic analysis methods. Working knowledge of Windows and Linux OS, including experience working in the command line interface. Knowledge of IPS/IDS; experience managing cases with enterprise SIEM systems (e.g., LCE, ArcSight, Splunk) and other network security tools; experience reviewing and analyzing network packet captures.

    • Knowledge of information security event monitoring and detection, NID monitoring, and incident response; cyber-attack stages (e.g., reconnaissance, scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks); attack methods and techniques (DDoS, brute force, spoofing, etc.).

    • Strong research background. Knowledge of laws, regulations, policies, and ethics as they relate to cybersecurity and privacy (a plus, not required).

    EDUCATION

    • Recent college graduate with 0 to 1 year of related experience

    PREFERRED QUALIFICATIONS

    • One or more industry-related certifications, including (but not limited to): CompTIA Security+ / Network+ / etc., GSEC (GIAC Security Essentials Certification), CPTE (Certified Penetration Testing Engineer), CEH (Certified Ethical Hacker), GCIH (GIAC Certified Incident Handler) or ECIH (EC-Council Certified Incident Handler), ECSA (EC-Council Certified Security Analyst)

    • Previous experience on a Computer Incident Response Team (CIRT), Computer Emergency Response Team (CERT), Computer Security Incident Response Center (CSIRC) or a Security Operations Center (SOC) (a plus, not required)

    #earlytalent

    We are GDIT. The people supporting some of the most complex government, defense, and intelligence projects across the country. We deliver. Bringing the expertise needed to understand and advance critical missions. We transform. Shifting the ways clients invest in, integrate, and innovate technology solutions. We ensure today is safe and tomorrow is smarter. We are there. On the ground, beside our clients, in the lab, and everywhere in between. Offering the technology transformations, strategy, and mission services needed to get the job done.

    GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.