Responsibilities for this Position
Location: USA DC Washington - One Columbus Cir NE (DCC182)
Full Part/Time: Full time
Job Req: RQ181154
Type of Requisition:
Regular
Clearance Level Must Currently Possess:
None
Clearance Level Must Be Able to Obtain:
None
Suitability:
Public Trust/Other Required:
Job Family:
Cyber Security
Job Qualifications:
Skills:
IT Experience (Inactive), Security Information and Event Management (SIEM), Vulnerability Management
Certifications:
CISSP: Certified Information Systems Security Professional - ISC2
Experience:
5 years of related experience
ship Required:
No
Job Description:
Overview:
GDIT is looking for Security Operations Engineer with expert knowledge and experience with implementing and administering enterprise-level cybersecurity systems which includes performing day-today security operations activities in a Local Area Network General Support System (LAN-GSS) and its integrated IT environment. The position is in support of GDIT's contract with the Administrative Office of United States Courts - Administrative Office Technology Office (AOUSC-AOTO) in Washington DC.
Responsibilities:
The successful candidate will work with systems, applications, and solutions for AOTO's enterprise-wide cyber systems and networks. This is a hands-on role that requires deep technical knowledge of systems, networks, and application security along with a solid understanding of enterprise-level security frameworks, policies, processes, and standards. The position requires strong critical thinking and analytical skills, attention to detail, and excellent oral and written communication skills.
Performs all tasks to align with Information Security Program direction provided by ISO, AOTO
Follows SecOps guidance provided by the AOTO SecOps Government Lead
Participates in Incident Response activities in coordination with other teams as necessary; Reviewing and editing event correlation rules, performing triage on these alerts by determining their criticality and scope of impact, evaluating attribution and adversary details.
Evaluates and reviews vulnerability scans, completes review and reports on anti-virus definition reports weekly and takes proactive steps to ensure mitigation and/or remediation of findings.
Acts as a subject matter expert and consultant on security operations across various projects, where expert guidance and strategic recommendations would be provided to ensure the security and integrity of project environments.
Uses SIEM tools to aggregate and analyze security data and to generate reports and dashboards for security metrics and trends.
Collaborates with cross-functional teams to implement and refine security protocols.
Performs day-to-day operations of security tools, including but not limited to:
o Next Generation Firewalls
o Web Gateways/Proxies
o Endpoint Protection
o Data Loss Prevention
o Intrusion Detection and Prevention
o Log Aggregation/SEIM
o Network and Application Vulnerability Scanning
o Patch Management
o Phish alert button
Monitors appropriate security feeds and dashboards in support of Continuous Monitoring activities.
Provides timely security impact analysis to support change management processes.
Supports the Security and Assessment and Authorization process and Software Development Life Cycle activities by providing recommendations on appropriate control implementation and risk mitigation strategies.
Conducts vulnerability scans, interprets results and provides them to customers.
Monitors various Internet and open source information feeds for emerging vulnerabilities and threat actors, determining their applicability to the operating environment and issuing technical advisories appropriately.
Provides input to system security documentation, including but not limited to:
o Concept of Operations
o Architecture Diagrams
o Security Policies
o Standard Operating Procedures
Leverages emerging threat intelligence (IOCs, updated rules, etc.) to identify affected systems and the scope of the attack. Reviews and collects asset data (configs, running processes, etc.) on these systems for further investigation. Determines and directs remediation and recovery efforts.
Continuously monitors, develops, and implements new approaches and procedures regarding security measures based on emerging security trends and technologies to enhance project security posture that comply with Judiciary and AOTO policies and guidelines.
Implement, manage and report on all aspects of the IT security training and simulated phishing program.
Continuously assess performance and recommend new capabilities the IT security and training program should implement from the platform.
Manage updates to the IT security awareness training platform and associated documentation.
Monitor and manage the IT security awareness training support email inbox.
Performs other duties as assigned.
Qualifications:
REQUIRED SKILLS:
At least 5 years total IT experience, with 1-3 years of experience as a security administrator, engineer, or analyst in an enterprise environment
Experience in one or more of the following:
o Vulnerability Management Systems (e.g. Nessus)
o Patch Management Systems (e.g. Quest/Dell Kace 1000)
o Web-based threat protection (e.g., Websense)
o SIEM tools (e.g., Splunk)
Experience coordinating and overseeing the implementation of security patches.
Experience with remediation of security vulnerabilities.
Knowledge of the operating characteristics of various operating systems, e.g. Windows 10, Windows 11, Windows server 2008/2012/2016/2019, iOS.
Knowledge of general management and auditing techniques for identifying problems, gathering and analyzing pertinent information, forming conclusions, developing solutions and implementing plans consistent with management goals.
Plan, manage and provide guidance pertaining to IT Security to include all phases of computer security (i.e., hardware, software, and telecommunications equipment, installation and evaluation). Work frequently requires the candidate to be involved in diverse projects simultaneously, several of which may have equally high priority.
Excellent oral and written communications skills. Interaction and information gathering with coworkers and customers.
EDUCATION/CERTIFICATIONS:
Bachelor's degree in an IT related field is required.
At least one Industry leading certification relating to IT security (CISSP, GIAC, CompTia Security , etc.)
The likely salary range for this position is $93,500 - $126,500. This is not, however, a guarantee of compensation or salary. Rather, salary will be set based on experience, geographic location and possibly contractual requirements and could fall outside of this range.
Scheduled Weekly Hours:
40
Travel Required:
None
Telecommuting Options:
Hybrid
Work Location:
USA DC Washington
Additional Work Locations:
Total Rewards at GDIT:
Our benefits package for all US-based employees includes a variety of medical plan options, some with Health Savings Accounts, dental plan options, a vision plan, and a 401(k) plan offering the ability to contribute both pre and post-tax dollars up to the IRS annual limits and receive a company match. To encourage work/life balance, GDIT offers employees full flex work weeks where possible and a variety of paid time off plans, including vacation, sick and personal time, holidays, paid parental, military, bereavement and jury duty leave. To ensure our employees are able to protect their income, other offerings such as short and long-term disability benefits, life, accidental death and dismemberment, personal accident, critical illness and business travel and accident insurance are provided or available. We regularly review our Total Rewards package to ensure our offerings are competitive and reflect what our employees have told us they value most.
We are GDIT. A global technology and professional services company that delivers consulting, technology and mission services to every major agency across the U.S. government, defense and intelligence community. Our 30,000 experts extract the power of technology to create immediate value and deliver solutions at the edge of innovation. We operate across 30 countries worldwide, offering leading capabilities in digital modernization, AI/ML, Cloud, Cyber and application development. Together with our clients, we strive to create a safer, smarter world by harnessing the power of deep expertise and advanced technology.
We connect people with the most impactful client missions, creating an unparalleled work experience that allows them to see their impact every day. We create opportunities for our people to lead and learn simultaneously. From securing our nation's most sensitive systems, to enabling digital transformation and cloud adoption, our people are the ones who make change real.
GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.
PI244096206
Back To Search Results GDIT supports and secures some of the most complex government, defense, and intelligence projects across the country.