This site uses cookies. To find out more, see our Cookies Policy

NOSC CND Detect / Response - TS/SCI - Alexandria, VA in Alexandria at General Dynamics Information Technology

Date Posted: 3/13/2019

Job Snapshot

  • Employee Type:
  • Location:
  • Job Type:
  • Experience:
    Not Specified
  • Date Posted:
  • Job ID:

Job Description

Detect - Mission Statement: Uses defensive measures and information collected from a variety of sources to identify, analyze, and report events that occur or might occur within the network in order to protect information, information systems, and networks from threats.

Respond - Mission Statement: Responds to crisis or urgent situations within the pertinent domain to mitigate immediate and potential threats. Uses mitigation, preparedness, and response and recovery approaches, as needed, to maximize survival of life, preservation or property, and information security. Investigates and analyzes all relevant response activities. 

1.Monitor Splunk for Alerts

2.Monitor HBSS

3.Monitor Fidelis

4.Monitor IDS

5.Monitor FW Logs and FW Blocks

6.Develop Indicators for detections using Splunk, Fidelis, etc...

7.Monitor Network Flows

8.Review Device Logs

9.Monitor DCO and Cybercom chat rooms for new indicators

10.Initial Triage for Detected Incidents

11.Daily Status report for Open Incidents

12.Maintain Daily Operations Log for Incident Detection

13.Should have a good understanding how to build dashboards and custom queries in but not limited to HBSS, ACAS, Fidelis, IDS systems Incident Response

1.Manage Incidents from Detect team and complete all actions.

2.Work with Program Office Divisions (And other units as needed), to remediate incidents, acquire the 5w’s and ensure the incident has been rectified and documented appropriately in accordance with approved Standard Operating Procedures.

3.Work with the Information Assurance Team, Security manager and GOVT ISSM to ensure any Data Spills are handled appropriately. Manage the Data Spill Process, working with external agencies as required to ensure cleanup and mitigation is accomplished within required times as set out by government.

4.Assist in the development of incident response documentation and SOPs

5.Produce AAR for all closed Incidents.

6.Remotely access machines to remove unauthorized software, malware eradication…

Job Requirements

1. 5-8 years of related experience in data security administration.

2. Comprehensive knowledge of data security administration principles, methods, and techniques. 3. Certification in one or more specific technologies may be required, depending on job assignment. 4. Requires familiarity with domain structures, user authentication, and digital signatures.

5. Requires understanding of firewall theory and configuration.

6. Requires understanding of DHS/DoD policies and procedures, including FIPS 199, FIPS 200, NIST 800-53, DHS 4300A SSH and other applicable policies.

7. Must possess and maintain a Top Secret/SCI Clearance.

8. Must meet DoD 8570 requirements and be eligible for IAT level II and CDSP Incident Reponse access upon hire for positions with elevated privileges and must obtain ITIL V3 Foundation within six months of hire.

9. Depending on job assignment, additional specific certifications may be required.

10. This position may be required to complete short-term deployments to austere locations worldwide

11. The work is typically performed in an office environment, which requires normal safety precautions; work may require some physical effort in the handling of light materials, boxes or equipment. The above job description is not intended to be, nor should it be construed as, exhaustive of all responsibilities, skills, efforts, or working conditions associated with this job. 

Requests for reasonable accommodations will be considered to enable individuals with disabilities to perform the principal (essential) functions of this job.  #BICES and #CJPOST

For more than 50 years, General Dynamics Information Technology has served as a trusted provider of information technology, systems engineering, training and professional services to customers across federal, state, and local governments, and in the commercial sector. Over 40,000 GDIT professionals deliver enterprise solutions, manage mission-critical IT programs and provide mission support services worldwide. GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.