Security Analyst / SecOps (Nessus and Splunk) in Bethesda, MD at General Dynamics Information Technology

Date Posted: 6/14/2020

Job Description

General Dynamics Information Technology is actively looking for multiple levels of SecOps / Security Analysts with Nessus and Splunk toolset experience to join a new program supporting 24x7x365 environment for the NIH Center for Information Technology. As a key participant within a security operations maturity model assessment team, you will share responsibilities for conducting FISMA-compliant Incident response gap analysis. The SecOps Analysts will be part of a larger technical team that develops and operates security alerts within the robust National Institutes of Health (NIH) TOC team.

In these positions, you will have the opportunity to directly impact the lives of millions of Americans by working on systems that increase access to medical research and improve health outcomes across the cancer, opioid and infectious disease spectrum. The ideal candidate will be someone who is looking for continual growth, can think strategically and perform tactically, and most importantly, wants to make a positive difference to the people around them.

RESPONSIBILITIES:

The information security professionals will be part of a team involved in the security alert analysis, and maintenance of the toolsets for numerous FISMA systems for a federal health care agency.

Specific responsibilities for the Junior to Mid-level Analysts include:

  • Provide basic monitoring and analysis support of computer security events
  • Assess current maturity of incident response processes and procedures
  • Perform initial triage
  • Report computer security events, in accordance with established processes and procedures
  • IDS monitoring and analysis, network traffic and log analysis, prioritization and differentiation between potential intrusion attempts, determination of false alarms, insider threat and APT detection, and malware analysis/forensics.
  • Create and track investigations to resolution.
  • Compose security alert notifications. Advise incident responders in the steps to take to investigate and resolve computer security incidents.

Additional responsibilities for the Senior Analysts include:

  • Detect Active Threats
  • Response Planning
  • Optimizing Incident Alert Thresholds
  • Improve Mean Time to Remediate
  • Perform escalation assistance in alerts, validation and root cause analysis
  • Report computer security events, in accordance with established processes and procedures
  • IDS monitoring and analysis, network traffic and log analysis, prioritization and differentiation between potential intrusion attempts, determination of false alarms, insider threat and APT detection, and malware analysis/forensics.
  • Oversight, monitoring and tuning of security systems, including the following: Intrusion Detection & Prevention Systems; Endpoint Security Systems; Security Information and Event Management Systems; Web Proxy Systems; Log Management Systems; Firewall Systems; Full Packet Capture Systems; Data Loss Prevention Systems; Object Level Auditing Systems; Endpoint Forensics; Wireless LAN Monitoring Systems; Database Security Monitoring; Compliance & Threat Modeling Systems.
  • Develop and maintain security policies, procedures, Run Book and Incident Management Plan. Manage consistent daily, weekly and event-based reporting, and manage knowledge base for sharing and transfer of experience.
  • Perform gap analysis and provide strategic and tactical recommendations on security issues; scale systems to take into account new threats or devices, and evaluate and contribute to the security posture of the organization.

QUALIFICATIONS

Basic Skills and Experience:

  • Bachelor's degree in Computer Science or a related technical discipline, or the equivalent combination of education, professional training or work experience

  • Junior to mid-level openings require 5+ years and Senior openings require 10+ years of related experience in information security/data security administration.

  • 5 – 8 years of related experience with Splunk and/or SIEM technologies.
  • Must be able to obtain and maintain a Public Trust Clearance.

Desired Skills and Experience:

  • Cyber Certification (CISSP) or (CEH)

We are GDIT. The people supporting some of the most complex government, defense, and intelligence projects across the country. We deliver. Bringing the expertise needed to understand and advance critical missions. We transform. Shifting the ways clients invest in, integrate, and innovate technology solutions. We ensure today is safe and tomorrow is smarter. We are there. On the ground, beside our clients, in the lab, and everywhere in between. Offering the technology transformations, strategy, and mission services needed to get the job done.

GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.