Cyber Security Operations Specialist - SIEM Services
General Dynamics Information Technology Springfield, VA
1 week ago
Base pay range
$60,549.00/yr - $101,109.00/yr
Job Description:
Type of Requisition: Regular
Clearance Level Must Currently Possess: Top Secret SCI + Polygraph
Clearance Level Must Be Able To Obtain: Top Secret SCI + Polygraph
Suitability:
Public Trust/Other Required:
Job Family: Cyber Security
Skills:
Job Qualifications: Cybersecurity, HP ArcSight, SIEM Tools
Certifications:
Experience: 3+ years of related experience
US Citizenship Required: Yes
Job Description:
Job Duties Include:
- Provide all preventative and corrective maintenance to ensure consistent, reliable, and secure service availability. This includes all actions required to return the service to full operational capability such as vendor RMA processes, removal and proper disposal of broken equipment/software, installation and testing of new equipment/software, and configuration of new equipment/software.
- Maintain system availability and reliability with a threshold of 99.99%.
- Detect and ticket degradations (volume/velocity) of all SIEM data flows within 60 minutes of the start of the degradation.
- Perform day-to-day maintenance and specific scheduled maintenance activities that result from manufacturers' recommended service intervals, alerts, bulletins, available patches, and updates according to agency-approved change management processes. This includes maintaining updated documentation, change logs, and service bulletin libraries for all supported equipment and software in the CSOC knowledge management platform.
- Execute emergency maintenance actions with sufficient urgency to preclude unacceptable outage durations, approved by the Government prior to execution, and coordinated through and approved by CSOC and ESC government management.
- Perform all development, engineering, testing, integration, and implementation actions necessary for major vendor revisions.
- Perform continuous engineering assessments to improve the performance, effectiveness, coverage, and maturity of this service.
- Retain documentation regarding loss of event logs (e.g. June 5-7th DNS logs were not ingested from SBU and are lost).
- Configure all assets assigned to this service within the Government Furnished Information - Software Tools list in accordance with all Federal, DoD, IC, and NGA laws, directives, orders, policies, guidance, procedures etc.
- Perform all development, design, engineering, testing, integration, and implementation actions needed for the total integration and interoperability between all applicable assets in the Government Furnished Information - Software Tools list. This includes ensuring all data flows are properly parsed for ingestion/transmission to internal and external automated reporting systems (e.g. JFHQ DoDIN – Joint Incident Management System, DoD CIO – DoD Scorecard/Get to Green reporting, IC CIO – Cybersecurity Performance Evaluation Model reporting, etc.).
- Utilize agency-approved ticketing systems to document, track, assign, update, and coordinate all engineering, integration, configuration, and maintenance actions.
- Use various monitoring, analysis, and visualization tools to track effectiveness, status, performance metrics, and other information as needed or required by Government staff and contractors assigned Cybersecurity Operations Services and Cybersecurity Readiness Services.
Required Skills:
- SIEM experience with one of the following: ArcSight, Elasticsearch, Splunk, Event Broker, User Behavioral Analysis (UBA)
- Experience providing support to Cybersecurity Operations Cell (CSOC) in creating alerting rules
- Create SIEM playbooks
- Linux (RHEL) Expert (administration and engineering)
- Proficient in manipulating SIEM filters to better find and analyze potential malicious/atypical activity and reduce false positives
- Experience with content development within ArcSight and Kibana to facilitate Cyber Analysts' ability to investigate malicious events
- Creation of ArcSight rules based on use cases of malicious events
- Tuning and aggregation of queries and filters
- Skilled in troubleshooting event flow through Enterprise Audit infrastructure
- Skilled in troubleshooting event format and parsing for ingest into data storage and into SIEM tools
- Active TS/SCI Clearance
- DoD 8570.01-M IAT Level II and CSSP Infrastructure Support certifications
- 3+ years' experience with SIEM and Development Projects
- 3+ years' experience with SIEM support for projects and technical exchange meetings
- 6+ years' experience developing and maintaining enterprise audit projects
Desired Skills: Kibana Data Analytics
Investigates, analyzes, and responds to cyber incidents within a network environment or enclave.
Uses data collected from a variety of cyber defense tools (e.g., IDS alerts, firewalls, network traffic logs) to analyze events that occur within their environments for the purposes of mitigating threats.
Interprets, analyzes, and reports all events and anomalies in accordance with computer network directives, including initiating, responding, and reporting discovered events.
Evaluates, tests, recommends, coordinates, monitors, and maintains cybersecurity policies, procedures, and systems, including access management for hardware, firmware, and software.
Ensures that cybersecurity plans, controls, processes, standards, policies, and procedures are aligned with cybersecurity standards.
Identifies security risks and exposures, determines the causes of security violations and suggests procedures to halt future incidents and improve security.
Develops techniques and procedures for conducting cybersecurity risk assessments and compliance audits, the evaluation and testing of hardware, firmware and software for possible impact on system security, and the investigation and resolution of security incidents such as intrusion, frauds, attacks or leaks.
May coach and provide guidance to less experienced professionals.
May serve as a team or task lead.
EDUCATION AND EXPERIENCE: Technical Training, Certification(s) or Degree, 5+ years of experience
The likely salary range for this position is $60,549 - $101,109. This is not, however, a guarantee of compensation or salary. Rather, salary will be set based on experience, geographic location and possibly contractual requirements and could fall outside of this range.
Scheduled Weekly Hours: 40
Travel Required: None
Telecommuting Options: Onsite
Work Location: USA VA Springfield
Additional Work Locations: USA MO St. Louis
Total Rewards At GDIT: Our benefits package for all US-based employees includes a variety of medical plan options, some with Health Savings Accounts, dental plan options, a vision plan, and a 401(k) plan offering the ability to contribute both pre and post-tax dollars up to the IRS annual limits and receive a company match. To encourage work/life balance, GDIT offers employees full flex work weeks where possible and a variety of paid time off plans, including vacation, sick and personal time, holidays, paid parental, military, bereavement and jury duty leave. To ensure our employees are able to protect their income, other offerings such as short and long-term disability benefits, life, accidental death and dismemberment, personal accident, critical illness and business travel and accident insurance are provided or available. We regularly review our Total Rewards package to ensure our offerings are competitive and reflect what our employees have told us they value most.
We are GDIT. A global technology and professional services company that delivers consulting, technology and mission services to every major agency across the U.S. government, defense and intelligence community. Our 30,000 experts extract the power of technology to create immediate value and deliver solutions at the edge of innovation. We operate across 30 countries worldwide, offering leading capabilities in digital modernization, AI/ML, Cloud, Cyber and application development. Together with our clients, we strive to create a safer, smarter world by harnessing the power of deep expertise and advanced technology.
We connect people with the most impactful client missions, creating an unparalleled work experience that allows them to see their impact every day. We create opportunities for our people to lead and learn simultaneously. From securing our nation’s most sensitive systems, to enabling digital transformation and cloud adoption, our people are the ones who make change real.
GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.
- Seniority level: Mid-Senior level
- Employment type: Full-time
- Job function: Engineering and Information Technology
- Industries: IT Services and IT Consulting