Cybersecurity Automation Engineer

Type of Requisition:
Regular

Clearance Level Must Currently Possess:
Top Secret/SCI

Clearance Level Must Be Able to Obtain:
Top Secret/SCI

Public Trust/Other Required:
None

Job Family:
Cyber and IT Risk Management

Job Qualifications:

Skills:
Automation, Cyber Defense, Cybersecurity, Cyber Threat Intelligence, Security Operations
Certifications:
None
Experience:
8 + years of related experience
ship Required:
Yes

Job Description:

Advance your career while impacting our national security in cyber as a Senior Principal Cybersecurity Automation Engineer at GDIT. Here, technologists have many paths to grow a meaningful career supporting cyber missions and operations across the federal government.

The Senior Principal Cybersecurity Automation Engineer will be responsible for utilizing Splunk Phantom for engineering and managing all Security Orchestration Automation Response (SOAR). This role demands an experienced Security Threat Engineer with a robust technical skill set and direct experience in integration and playbook development for Splunk Phantom. The engineer will support automation for various security functions including incident handling, incident response, intrusion analysis, threat hunting, digital forensic analysis, vulnerability scanning, Data Loss Prevention (DLP), and other cyber and information assurance automation activities.

WHAT YOU'LL NEED TO SUCCEED

Key Responsibilities

• Engineer and manage all SOAR using Splunk Phantom.
• Integrate security use cases into Phantom.
• Develop reusable, testable, and efficient Python-based Playbooks.
• Configure and program to enable seamless integration of Phantom with other systems.
• Extend the platform by developing Security Apps.
• Train and mentor security development teams on the capabilities of Phantom.
• Use available tools and the Phantom platform to enable automation and orchestration.
• Collaborate with the customer to identify security integration and implementation strategies, developing their expertise in Phantom.
• Define requirements for creative integrations and playbooks.
• Partner with security operations teams, threat intelligence groups, and incident responders.
• Codify workflows into automated playbooks.
• Implement and develop Phantom's flexible app model, using numerous tools and APIs.
• Utilize Python scripts, PowerShell, and Linux commands for integrations.
• Drive efficient communication with integrated collaboration tools.
• Use Phantom event and case management for rapid triage of events.
• Notify CND managers, incident responders, and team members of suspected CND incidents and provide detailed event histories, statuses, and potential impacts.
• Coordinate with higher authorities on actual or attempted intrusions, viruses, and other events.
• Implement and enforce CND policies and procedures adhering to applicable laws and regulations.
• Provide incident reports, summaries, and situational awareness information to higher headquarters.
• Manage incidents from inception to after-action reporting.

Required Qualifications

• 8+ years of relevant experience
• 8570 Certification: Minimum certification IAT level II (e.g., CCNA Security, CySA+, GICSP, GSEC, Security+ CE, SSCP); Level III preferred (e.g., CISSP, GCIH, GCFA, GCIA, GNFA, Linux+, CCNA R&S, Splunk Power User)
• Experience with Splunk Phantom, Linux, and PowerShell

Preferred Qualifications

• Experience installing and configuring Phantom.
• Experience in integrating security use cases into Phantom.
• Expertise in developing Python scripts, PowerShell, and using Linux commands.

Critical Soft Skills

• Ability to multi-task and adapt to changing priorities in highly stressful situations.
• Highly resilient and motivated to investigate unfamiliar problems in a high OPTEMPO environment.
• Critical thinking skills for applying and correlating data from multiple sources to solve complex problems.
• Strong ability to articulate operational impacts of cybersecurity incidents/events to leadership.
• Effective communication skills and the ability to build strong relationships with other teams.

Location

• On Customer Site

Security Clearance

• TS/SCI Required

Citizenship Required

• ship

GDIT IS YOUR PLACE
At GDIT, the mission is our purpose, and our people are at the center of everything we do.

Growth: AI-powered career tool that identifies career steps and learning opportunities

Support: An internal mobility team focused on helping you achieve your career goals
Rewards: Comprehensive benefits and wellness packages, 401K with company match, and competitive pay and paid time off
Community: Award-winning culture of innovation and a military-friendly workplace

The likely salary range for this position is $127,500 - $172,500. This is not, however, a guarantee of compensation or salary. Rather, salary will be set based on experience, geographic location and possibly contractual requirements and could fall outside of this range.

Scheduled Weekly Hours:
40

Travel Required:
10-25%

Telecommuting Options:
Onsite

Work Location:
USA NC Fort Bragg

Additional Work Locations:

Total Rewards at GDIT:
Our benefits package for all US-based employees includes a variety of medical plan options, some with Health Savings Accounts, dental plan options, a vision plan, and a 401(k) plan offering the ability to contribute both pre and post-tax dollars up to the IRS annual limits and receive a company match. To encourage work/life balance, GDIT offers employees full flex work weeks where possible and a variety of paid time off plans, including vacation, sick and personal time, holidays, paid parental, military, bereavement and jury duty leave. To ensure our employees are able to protect their income, other offerings such as short and long-term disability benefits, life, accidental death and dismemberment, personal accident, critical illness and business travel and accident insurance are provided or available. We regularly review our Total Rewards package to ensure our offerings are competitive and reflect what our employees have told us they value most.

We are GDIT. A global technology and professional services company that delivers consulting, technology and mission services to every major agency across the U.S. government, defense and intelligence community. Our 30,000 experts extract the power of technology to create immediate value and deliver solutions at the edge of innovation. We operate across 50 countries worldwide, offering leading capabilities in digital modernization, AI/ML, Cloud, Cyber and application development. Together with our clients, we strive to create a safer, smarter world by harnessing the power of deep expertise and advanced technology.

Join our Talent Community to stay up to date on our career opportunities and events at
gdit.com/tc.

Equal Opportunity Employer / Individuals with Disabilities / Protected Veterans