Cybersecurity Analyst Principal jobs in United States

General Dynamics Information Technology · 2 weeks ago

Cybersecurity Analyst Principal

General Dynamics Information Technology is a global technology and professional services company focused on delivering consulting and mission services to U.S. government agencies. The Cybersecurity Analyst Principal will oversee daily operations of the Security Operations Center (SOC), lead incident management processes, and mentor team members to ensure effective incident response and operational readiness.

Artificial Intelligence (AI), Cloud Computing, Consulting, Cyber Security, Information Technology
No H1B; U.S. Citizen Only

Responsibilities

Oversee the daily operations of the SOC and plan shift activities
Work closely with the Incident Management Team
Lead the major incident management process and support Agency leadership during the activation of major or escalated incidents
Develop, author, and deliver process improvements for the SOC in order to maintain operational readiness for incident response
Monitor and report on call volumes, alarm responses, and incident reports to ensure appropriate levels of service are met
Partner with IT leadership and teams to support operational issues and prepare for potential incidents
Support annual updates of the incident response concept of operations document
Support annual incident response tabletop exercises
Lead, mentor, and coach SOC I and SOC II staff members
Work as part of a 24x7x365 team delivering real time proactive monitoring and maintenance of supported security tools and associated rules and signatures
Carry out triage on security events, coordinate incidents with Incident Management Team, IT operations, network engineering, and application teams and support the Incident Management process
Identify and respond to incidents, to prevent or limit damage to assets, and report incidents
Detect and analyze incidents, coordinate activities with other stakeholders for containing, eradicating, and recovering from incidents
Develop advanced analytics and countermeasures to protect critical assets
IDS monitoring and analysis, network traffic and log analysis, prioritization and differentiation between potential intrusion attempts, determination of false alarms, insider threat and APT detection, and malware analysis/forensics
Support the production and maintenance of standard operating processes, procedures, and playbooks for use by all shift personnel
Provide enterprise-wide management of security incidents across the managed network space: detect, respond to, and report all computer-related incidents, including daily monitoring of information systems, vulnerability remediation, intrusion detection, log reviews, and malware tracking
Identify, assess, and remediate the individuals and/or systems affected
Coordinate all information security incidents in accordance with the specified timelines
Coordinate the development of reports from the SIEM, NIDS, and HIDS
Remain up to date with current attack methods and characteristics in order to identify threats and advise on prevention, mitigation and remediation
Perform other tasks consistent with the goals and objectives of the department/contract
Perform other duties as assigned by Senior Program Executive
Fully document assigned tickets to show all work performed in order to pass SLRs
Ensure the team fully documents assigned tickets to show all work performed in order to pass SLRs

Qualification

Cybersecurity, Incident Response, Vulnerability Management, Splunk SIEM, Cloud Security, Firewall Understanding, DevSecOps, Leadership Experience, Microsoft Defender, ServiceNow Experience, Linux Experience, Windows Experience, Active Directory Experience, CISSP Certification

Required

5+ years of related experience
US Citizenship Required
Technical Training, Certification(s) or Degree
Experience composing threat reports and other management level communications
Leadership experience of teams of 5 or more
Vulnerability Management – Nessus Vulnerability Scanning
Configuration Management - STIG/SCAP compliance baselines for Windows, macOS, and Linux
Splunk SIEM / log aggregation experience
Cloud Security - Familiarity with FedRAMP for IaaS, PaaS, SaaS
Experience with Incident Response Team (IR/IRT) troubleshooting, root cause analysis, and remediation verification
Knowledge of Identity Management, ICAM/IDAM and authorization, least privilege, reducing unauthorized elevated access
Firewall understanding, including basic networking, subnetting, IDS, NAT, ACLs
Penetration Test Response and Remediation
DevSecOps – software development lifecycle security: scanning across the lifecycle and baking in application security for developers and containers
Microsoft Defender for Endpoint experience

Preferred

ServiceNow ticketing and reporting experience
Linux, Windows, and Active Directory experience
Experience with Tenable and Palo Alto network security solutions
Cloud and mobile device experience
ForeScout CounterAct, DLP solutions and Cylance AV
CISSP certification

Benefits

Comprehensive benefits and wellness packages
401K with company match
Paid time off
Variety of medical plan options
Some with Health Savings Accounts
Dental plan options
Vision plan
Paid parental leave
Military leave
Bereavement leave
Jury duty leave
Short and long-term disability benefits
Life insurance
Accidental death and dismemberment insurance
Personal accident insurance
Critical illness insurance
Business travel and accident insurance

Company

General Dynamics Information Technology

General Dynamics Information Technology is an IT consulting company that specializes in cyber security, AI, and quantum computing. It is a sub-organization of General Dynamics.

Funding

Current Stage
Late Stage

Leadership Team

Paul Nedzbala
Senior Vice President
Ben Buckley
Vice President and General Manager
Company data provided by crunchbase