• Receives and analyzes network alerts from various sources within the enclave and determines possible causes of such alerts;
• Logs and updates Cybersecurity events in a ticketing system with detailed information;
• Coordinates with Cybersecurity staff to validate network alerts;
• Performs analysis of log files from a variety of sources within the enclave, to include individual host logs, network traffic logs, firewall logs, and intrusion detection system logs;
• Characterizes and analyzes network traffic to identify anomalous activity and potential threats to network resources;
• Assists with monitoring external data sources (e.g. Cybersecurity vendor sites, Computer Emergency Response Teams, SANS, Security Focus) to maintain currency of Cybersecurity threat condition and determines which security issues may have an impact on the enclave;
• Prepares incident management documentation in an accurate and professional manner;
• Assists in the construction of signatures that can be implemented in Cybersecurity network tools in response to new or observed threats within the enclave;
• Performs event correlation using information gathered from a variety of sources within the enclave to gain situational awareness and determines the effectiveness of an observed attack;
• Assists system administrators with validation that devices have been cleared of any malicious code;
• Prepares incident management documentation in an accurate and professional manner;
• Other related tasks as required.

• Bachelor’s Degree in one of the following: Computer Science, Engineering, Information Technology, Cybersecurity, or related field; 2 years additional relevant experience could be substituted for degree;
• Requires three (3) years of cybersecurity experience;
• DoD-issued Secret Security Clearance is required;
• Minimum DOD 8570.01-M IAT Level II (Security+ or other certification) required;
• Must possess a background in incident detection and response, malware analysis, or cyber forensics incident handling;
• Ability to interpret IDS (Intrusion Detection System) signatures, firewall alerts, and anti-virus alerts and experience directing the remediation of incidents (intrusions, infections, misuse, etc);
• Must have extensive experience working with various security methodologies, standard operating procedures, processes and workflows;
• Advanced knowledge of cybersecurity tools and software;
• Ability to work flexible 24/7/365 schedule.

Established in 1995, Global Business Solutions, Inc. offers customers a distinctive blend of information technology capabilities, education and training services, and information assurance solutions. Managed by a team of executive leaders experienced in the field of information technology and training services within the industry and government, GBSI prides itself on exceeding expectations. Our award-winning solutions give clients the support tools needed to successfully deliver in evolving environments with confidence.

GBSI is dedicated to hiring and retaining a diverse workforce. GBSI is an Equal Opportunity/Affirmative Action-Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. For our complete EEO/AA statement, please visit http://www.gbsi.com/EEO.  U.S. Citizenship is required for most positions.

Pay Transparency Nondiscrimination Provision:

GBSI will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with GBSI’s legal duty to furnish information.

Drug Free Workplace:
We maintain a drug-free workplace and perform pre-employment substance abuse testing.