Detect Team Lead

General Dynamics Information Technology Fairmont, West Virginia 26554
JOB ID: 2018-35903 2/22/2018 7:46:41 AM




Job Description

General Dynamics IT has an opening for a NOAA Detect Team Lead with strong communication and technical skills that will provide cybersecurity monitoring and situational awareness across the National Oceanic and Atmospheric Administration (NOAA) Security Operations Center (SOC). The NOAA SOC provides continuous enterprise monitoring and situational awareness supporting a 20,000+ user agency. The NOAA SOC is the first responder to network security events. It uses correlated data of computer and network system logs and other network data sources to make intelligent analysis of potential or actual attacks against NOAA networks. The NOAA SOC;

* Provides the trained personnel, processes, and procedures to maintain and augment the operations that enable the NCSC’s Security Operations Center (NSOC) on a 24/7 manned basis.
* Maintains confidentiality, integrity, and availability of NOAA data, assets, and services.
* Monitors the NOAA network to protect key areas within the Network and make additional logging and security recommendations when necessary.
* Provides the best-in-class situational awareness, early warning capabilities, and proactive defense against security threats.
* Manages and support the Trusted Internet Connection Access Point (TICAP) functionality that NOAA provides to both internal and external customers.
* Acts as first responder to network security events.
* Defines the process to bring NOAA FISMA systems under the NSOC protection, known as “onboarding.”
* Onboards NOAA Organizational Units (OUs) and FISMA systems under the NSOC protection.
* Discovers and implement new threat intelligence sources.
* Meets the Service Level Agreements (SLAs) of on-boarded OUs and FISMA systems.
* Performs QA/QC incident data and give measures of performance for the effectiveness NOAA’s network defense.

The candidate must be a US Citizen and be able to obtain Department of Commerce vetting clearance.

Specific roles & responsibilities for the position include but not limited to the following:

* Performs Computer Security Incident Response activities for a large organization, coordinates with other government agencies to record and report incidents.
* Monitors and analyze Intrusion Detection Systems (IDS) to identify security issues for remediation.
* Recognizes potential, successful, and unsuccessful intrusion attempts and compromises thorough reviews and analyses of relevant event detail and summary information.
* Evaluates firewall change requests and assess organizational risk.
* Communicates alerts to agencies regarding intrusions and compromises to their network infrastructure, applications and operating systems.
* Assists with implementation of counter-measures or mitigating controls.
* Ensures the integrity and protection of networks, systems, and applications by technical enforcement of organizational security policies, through monitoring of vulnerability scanning devices.
* Performs periodic and on-demand system audits and vulnerability assessments, including user accounts, application access, file system and external Web integrity scans to determine compliance.
* Prepares incident reports of analysis methodology and results.
* Provides guidance and work leadership to less-experienced technical staff members, and may have supervisory responsibilities.
* Serves as a technical team or task leader.
* Maintains current knowledge of relevant technology as assigned.
* Participates in special projects as required.

Candidates must be willing to submit resumes to be included in the final proposal submission. Employment is contingent upon contract award.


* Bachelor’s Degree in Computer Science or a related technical discipline, or the equivalent combination of education, professional training or work experience.

* 8-10 years of related experience in data security administration, including supervisory experience.
* Familiarity with the tasks and technology such as the following: Centralized logging and analysis, Security Log Collector, Security Log Retention, SIEM, VTC Management

Additional Desired Experience:

* Five (5) years of experience in network security with a focus on computer forensics, static code reverse engineering, and advanced (packet) network analysis. Static code reverse engineering experience can be substituted by experience in similar skill in computer forensics, network analysis, mobile device forensics related to malicious code, network flow analysis, or other similar skill.
* Three (3) years of technical task management and supervisory experience.
* Demonstrated expertise in deploying and maintaining open source network security monitoring and assessment tools.
* Experience writing contract deliverables such as Trend Analysis reports and Quarterly Status Reports.
* Advanced knowledge of data security administration principles, methods, and techniques.
* Effective supervisory skills.
* Certification in one or more specific technologies.
* Familiarity with domain structures, user authentication, and digital signatures.
* Understanding of firewall theory and configuration.
* Requires understanding of DHS/DoD policies and procedures, such as FIPS 199, FIPS 200, NIST 800-53, DHS 4300A SSH and other applicable policies.

As a trusted systems integrator for more than 50 years, General Dynamics Information Technology provides information technology (IT), systems engineering, professional services and simulation and training to customers in the defense, federal civilian government, health, homeland security, intelligence, state and local government and commercial sectors.With approximately 32,000 professionals worldwide, the company delivers IT enterprise solutions, manages large-scale, mission-critical IT programs and provides mission support services.GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.



Security:Top Secret

Location: Fairmont, WV - West Virginia