General Dynamics Information Technology Countermeasures Team Lead in Fairmont, West Virginia
General Dynamics IT has an opening for aDOC Countermeasures Team Leadwithstrong communication and technical skills that will provide cybersecurity monitoring and situational awareness across the Department of Commerce (DOC) Enterprise Security Operations Center (ESOC), and in the future will likely expand to provide security services to other agencies in the DOC. The Enterprise Security Operations Center (ESOC) will provide integration department-wide into the cybersecurity posture of departmental assets and management awareness of significant on-going cyber threats, events, and incidents, allowing management to make priority-based resourcing decisions. The focus of the ESOC is to integrate, correlate, and enrich disparate information sources to provide actionable intelligence and advice to network and system operators as well as Departmental management.
The candidate must be a US Citizen and be able to obtain Department of Commerce vetting clearance.
Specific roles & responsibilities for the position include but not limited to the following:
Performs Computer Security Incident Response activities for a large organization, coordinates with other government agencies to record and report incidents.
Monitors and analyze Intrusion Detection Systems (IDS) to identify security issues for remediation.
Recognizes potential, successful, and unsuccessful intrusion attempts and compromises thorough reviews and analyses of relevant event detail and summary information.
Evaluates firewall change requests and assess organizational risk.
Communicates alerts to agencies regarding intrusions and compromises to their network infrastructure, applications and operating systems.
Assists with implementation of counter-measures or mitigating controls.
Ensures the integrity and protection of networks, systems, and applications by technical enforcement of organizational security policies, through monitoring of vulnerability scanning devices.
Performs periodic and on-demand system audits and vulnerability assessments, including user accounts, application access, file system and external Web integrity scans to determine compliance.
Prepares incident reports of analysis methodology and results.
Provides guidance and work leadership to less-experienced technical staff members, and may have supervisory responsibilities.
Serves as a technical team or task leader.
Maintains current knowledge of relevant technology as assigned.
Participates in special projects as required.
Candidates must be willing to submit resumes to be included in the final proposal submission. Employment is contingent upon contract award.
- Bachelor’s Degree in Computer Science or a related technical discipline, or the equivalent combination of education, professional training or work experience.
8-10 years of related experience in data security administration, including supervisory experience.
Certification(s) Desired: CISSP, GIAC GREM, GIAC GSEC, GIAC GCIH, GIAC GCFA, CCNA, CEH, MCITP, ENCE
Familiarity with the tasks and technology such as the following: Intrusion Detection, Threat Analysis, Log collection and management for reporting, analyzing and storage, Enterprise Security Management, Network Vulnerability Monitoring, Web Content Filtering, Flow collector/sensor/manager, Packet Capture Manager/Decoder/Concentrator, Data Backup and Restoral, Email and Web Sensor Management, Malicious Email Scanner, Malicious Web Scanner, Malware Sandbox, Mandiant Endpoint Protection, McAfee Endpoint Protection, Rogue System Detection, Host Intrusion Prevention, AntiVirus, Inline Firewall Inspection/Protection,Centralized reporting , logging, analysis of syslog appliances, Fortinet Network management, Packet Distribution switch feeds Stealthwatch, Netwitness, and Fireye, Access Interface for Mgmt. and KVM networks, Stratum 1 Network Time Protocol, Web Application Security Scanning and vulnerability tool, Complete Network Infrastructure monitoring and Alerting, Computer Forensics Investigation
Additional Desired Experience:
Five (5) years of experience in network security with a focus on computer forensics, static code reverse engineering, and advanced (packet) network analysis. Static code reverse engineering experience can be substituted by experience in similar skill in computer forensics, network analysis, mobile device forensics related to malicious code, network flow analysis, or other similar skill.
Three (3) years of technical task management and supervisory experience.
Demonstrated expertise in deploying and maintaining open source network security monitoring and assessment tools.
Experience writing contract deliverables such as Trend Analysis reports and Quarterly Status Reports.
Advanced knowledge of data security administration principles, methods, and techniques.
Effective supervisory skills.
Certification in one or more specific technologies.
Familiarity with domain structures, user authentication, and digital signatures.
Understanding of firewall theory and configuration.
Requires understanding of DHS/DoD policies and procedures, such as FIPS 199, FIPS 200, NIST 800-53, DHS 4300A SSH and other applicable policies.
As a trusted systems integrator for more than 50 years, General Dynamics Information Technology provides information technology (IT), systems engineering, professional services and simulation and training to customers in the defense, federal civilian government, health, homeland security, intelligence, state and local government and commercial sectors.With approximately 32,000 professionals worldwide, the company delivers IT enterprise solutions, manages large-scale, mission-critical IT programs and provides mission support services.GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.
Job ID 2018-35898
Number of Positions 1
Job Locations USA-WV-Fairmont
Job Function Information Technology
Security Clearance Level Top Secret
Full/Part Time Full Time