Cybersecurity Analyst

As a Cybersecurity Analyst at GDIT, you will play a crucial role in developing and maintaining defensive countermeasures for our enterprise systems. Reporting to the Lead of Focused Operations under the Branch Chief of Defensive Cyber Operations, your primary responsibility will be to proactively prevent successful compromises and eradicate persistent adversaries already within the enterprise. This will involve collaboration with various teams within Focused Operations, utilizing a Fusion model to enhance our cybersecurity posture. You will engage in activities such as reviewing intelligence reports, analyzing incident reports, and participating in regular Purple Teaming exercises to validate and improve the effectiveness of our Defensive Countermeasures. In your role, you will analyze trends and patterns of data on confidential networks to identify and predict previously undiscovered events and incidents. This will require you to develop or tune rules, signatures, and scripts as necessary. You will coordinate with Defensive Cyber Operations and other Cybersecurity Operations Services to investigate potential sources of compromise and enhance our defensive capabilities. Additionally, you will work closely with the Cyber Data Analytics team to improve SIEM alert efficiency by evaluating valid alerts and false positives, ensuring that our response mechanisms are both effective and efficient. Your responsibilities will also include documenting all work in the authorized ticketing system with sufficient detail to allow stakeholders to reconstruct your analysis systematically. You will provide input during recurring meetings and briefings, contributing to the overall strategy and effectiveness of our cybersecurity operations. This position requires a strong understanding of cybersecurity analytics, data mining, and the development of countermeasures to protect our systems from evolving threats.