The candidate will work in a Security Operations Center to analyze network traffic, large sets of log data, and other relevant security events to identify malicious activity. This includes, but is not limited to, establishing normalized traffic and data flow baselines to identify anomalies. The candidate will also need to be able to identify techniques, tactics and procedures used by adversaries and, based on the behavior patterns identified by findings, develop alerting criteria to improve the Incident Response capability.
- Experience with Windows Server 12 or later
- Experience with Red Hat Enterprise Linux (RHEL) 6/7
- Experience with cyber security tools such as Tenable Nessus, Splunk, Wireshark, etc.
- Understanding of network traffic analysis, log analysis, and PCAP Analysis
- Perform incident monitoring, response, triage, and initial investigations
- Monitoring and analysis of security events to determine intrusion and malicious events.
- Monitor security events and logs such as Proxy logs, IPS/IDS events, Firewall, Active Directory (user verification), vulnerability scans, anti-malware events, endpoint security, web application firewall, netflow, packet capture, and computer log files to maintain situational awareness.
- Ability to correlate events from multiple log sources
- Candidate should have worked in a 24x7x365 operational capability (IRT, CERT, CIRT, SOC, etc.)
- Communication and technical writing skills
- Attention to detail
- Knowledge of SIEM, packet capture solutions, intrusion detection systems
- Familiarity with network protocols (DNS, DHCP, SMTP, HTTP)
- CompTIA certifications
- CEH desirable
- Work towards a CISSP desirable
Minimum 2-5 years SOC experience
For more than 50 years, General Dynamics Information Technology has served as a trusted provider of information technology, systems engineering, training and professional services to customers across federal, state, and local governments, and in the commercial sector. Over 40,000 GDIT professionals deliver enterprise solutions, manage mission-critical IT programs and provide mission support services worldwide. GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.