Installs, configures, troubleshoots, and maintains server configurations (hardware and software) to ensure their confidentiality, integrity, and availability. Manages accounts, firewalls, and patches. Responsible for access control, passwords, and account creation and administration. Responsible for setting up and maintaining a system or specific components of a system (for example, installing, configuring, and updating hardware and software; establishing and managing user accounts; overseeing or conducting backup and recovery tasks; implementing operational and technical security controls; and adhering to organizational security policies and procedures).
Cyber Hunt SME
Provides Subject Matter Expert support to less senior Hunt Analysts in the following areas:
Identifies anomalous activity indicative of active compromise, previous compromise, misconfigurations, or other notable observations to support the protection of our DHS customer environments.
Leads threat hunts to seek out, identify, and triage compromised components of DHS customer environments
Utilizes Network Security Monitoring and uses relevant intelligence, tools and data analysis to investigate and mitigate security incidents
Identifies network intruders via known means and methods, tools, and behavior patterns
Provides threat intelligence to guide and shape threat hunts
Builds and improves threat-hunting skills by researching emergent trends, consulting with team members, and advancing their own technical capabilities
Develops cyber threat intelligence and/or conducts analysis on one or more of the following subjects: malware/crimeware, APT ecosystems, software vulnerabilities, exploit kits
Performs basic static and dynamic analysis
Writes production code in common scripting languages (Python, Ruby, R, etc.)
Performs host-based intrusion detection, live responses, and forensic analysis
Provides timely, detailed, and instructive reports on analysis findings
Deploys and uses host-based live response tools in multi-platform environments
Tunes signatures, rules, alerts, parsers, and custom scripts
This position could be deployed in the field on-site at a DHS customer to support/perform incident response or cyber hunt activities if the need arises.
This position could possibly be designated as critical to agency operations and may be required to be deployed as part of an Emergency Relocation Group (ERG) in conjunction with COOP deployment or emergency activation team.
Active Top Secret Security Clearance with SCI eligibility is required. In addition, must be able to obtain and maintain a favorably adjudicated DHS background investigation for continued employment.
Certifications: One or more of the following certifications is preferred: GCFA, CompTIA Security+, CISSP.
Bachelor's Degree in Computer Science or a related technical discipline, or the equivalent combination of education, professional training or work experience.
10-15 years of related experience in data security administration.
As a trusted systems integrator for more than 50 years, General Dynamics Information Technology provides information technology (IT), systems engineering, professional services and simulation and training to customers in the defense, federal civilian government, health, homeland security, intelligence, state and local government and commercial sectors. With approximately 32,000 professionals worldwide, the company delivers IT enterprise solutions, manages large-scale, mission-critical IT programs and provides mission support services. GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.