View All Jobs

Respond Team Lead in Fairmont at General Dynamics Information Technology

Date Posted: 4/15/2018

Job Snapshot

  • Employee Type:
  • Location:
  • Job Type:
  • Experience:
    Not Specified
  • Date Posted:
  • Job ID:

Job Description

General Dynamics IT has an opening for a DOC Respond Team Lead with strong communication and technical skills that will provide cybersecurity monitoring and situational awareness across the Department of Commerce (DOC) Enterprise Security Operations Center (ESOC), and in the future will likely expand to provide security services to other agencies in the DOC.  The DOC Enterprise Security Operations Center Incident Response (ESOC-IR);

  • Provides the trained personnel, processes, and procedures to maintain and augment the operations that enable the Department’s CIRT.
  • Acts as an agent of the government to respond to computer security incidents. This includes identifying if a computer security incident has taken place and, if so, what countermeasures need to be deployed to defend, contain, and recover from an incident.
  • Provides qualified staff required in Fairmont, WV to act as the first line defenders for all confirmed cyber incidents throughout the department. This effort will include but is not limited to manning the central ESOC-IR phones, monitoring the ESOC-IR email box, and preparing situational awareness reports for departmental management.
  • Acts as the central reporting unit regarding all confirmed cybersecurity incidents to the Department of Homeland Security’s Computer Emergency Response Team.
  • Provides trained staff to support the equipment needed for mobile device forensics to protect and defend loaner mobile devices while on foreign travel.
  • Provides qualified staff for malware analysis and reporting for the department.
  • Schedules and hold weekly cybersecurity information sharing meetings to facilitate proactive information sharing for all Commerce incident response and security operations teams.
  • Utilizes an enterprise incident management system for collecting incident information from all DOC Bureaus and for reporting all incidents to US-CERT that comply with US-CERT incident reporting guidelines.

The candidate must be a US Citizen and be able to obtain Department of Commerce vetting clearance.

Specific roles & responsibilities for the position include but not limited to the following:

  • Performs Computer Security Incident Response activities for a large organization, coordinates with other government agencies to record and report incidents.
  • Monitors and analyze Intrusion Detection Systems (IDS) to identify security issues for remediation.
  • Recognizes potential, successful, and unsuccessful intrusion attempts and compromises thorough reviews and analyses of relevant event detail and summary information.
  • Evaluates firewall change requests and assess organizational risk.
  • Communicates alerts to agencies regarding intrusions and compromises to their network infrastructure, applications and operating systems.
  • Assists with implementation of counter-measures or mitigating controls.
  • Ensures the integrity and protection of networks, systems, and applications by technical enforcement of organizational security policies, through monitoring of vulnerability scanning devices.
  • Performs periodic and on-demand system audits and vulnerability assessments, including user accounts, application access, file system and external Web integrity scans to determine compliance.
  • Prepares incident reports of analysis methodology and results.
  • Provides guidance and work leadership to less-experienced technical staff members, and may have supervisory responsibilities.
  • Serves as a technical team or task leader.
  • Maintains current knowledge of relevant technology as assigned.
  • Participates in special projects as required.

Candidates must be willing to submit resumes to be included in the final proposal submission. Employment is contingent upon contract award.

Job Requirements

  • 8-10 years of related experience in data security administration, including supervisory experience.
  • Certification(s) Desired: CISSP, ITIL

Additional Desired Experience:

  • Five (5) years of current experience in 24x7x365 network security monitoring operations of similar IT environments.
  • Five (5) years of current experience in managing network security monitoring, detection, and analysis tools, to include IDS, IPS, DLP, SEIM, etc.
  • Five (5) years of working knowledge of network protocols, enterprise architecture, and network security systems and products.
  • Five (5) years of technical task management and supervisory experience.
  • Demonstrated expertise in deploying and maintaining open source network security monitoring and assessment tools.
  • Experience developing and conducting detailed, technical, and hands on training.
  • Demonstrated analytical and communications skills.
  • Experience with scripting and development tools including, but not limited to: PowerShell, VBScript Perl, Ruby, or Python
  • Advanced knowledge of data security administration principles, methods, and techniques.
  • Effective supervisory skills.
  • Certification in one or more specific technologies.
  • Familiarity with domain structures, user authentication, and digital signatures.
  • Understanding of firewall theory and configuration.
  • Requires understanding of DHS/DoD policies and procedures, such as FIPS 199, FIPS 200, NIST 800-53, DHS 4300A SSH and other applicable policies.

As a trusted systems integrator for more than 50 years, General Dynamics Information Technology provides information technology (IT), systems engineering, professional services and simulation and training to customers in the defense, federal civilian government, health, homeland security, intelligence, state and local government and commercial sectors.With approximately 32,000 professionals worldwide, the company delivers IT enterprise solutions, manages large-scale, mission-critical IT programs and provides mission support services.GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.