The Transportation and Border Security Services (T&BSS) Division has an opening in Northern Virginia for a Senior Incident Responder to support our TSA customer in their Security Operations Center.
Must have the ability and prior experience with analyzing information technology security events to discern events that qualify as legitimate security incidents as opposed to non-incidents. This includes the identification of malicious code present within a computer system as well identification of malicious activities that are present within a computer system and/or enterprise network.
Must possess excellent verbal and written communications skills and ability produce clear and thorough security incident reports and briefings
Must possess excellent organizational and attention to details skills
Must possess a working knowledge of the various operating systems (e.g. Windows, OS X, Linux, etc.) commonly deployed in enterprise networks. A conceptual understanding of Windows Active Directory is also required.
Must possess a working knowledge of network communications and routing protocols (e.g. TCP, UDP, ICMP, BGP, Multi-Protocol Label Switching (MPLS), etc.) and common internet applications and standards (e.g. SMTP, DNS, DHCP, SQL, HTTP, HTTPS, etc.)
Understanding of Enterprise Network Architectures to include routing/switching, common protocols (DHCP, DNS, HTTP, etc), and devices such as firewalls, proxies, load balancers, VPN, etc.
Must have experience working with various event logging systems and must be proficient in the review of security event log analysis. Previous experience with Security Information and Event Monitoring (SIEM) platforms that perform log collection, analysis, correlation, and alerting is also required.
Must have proficiency in utilizing various packet capture (PCAP) applications/engines and in the analysis of PCAP data
Must have experience with the identification and implementation of counter-measures or mitigating controls for deployment and implementation in the enterprise network environment
Develop, document, and maintain Incident Response SOPs, processes, procedures, playbooks, and workflows
Expert understanding of the Incident Response and Attacker lifecycles
Tune and maintain security tools (EDR, IDS, SIEM, etc) to reduce alert false positives and improve SOC detection capabilities
Ensure investigation and Incident Response actions are documented thoroughly in Case Management Systems; prepare formal Incident Reports
Develop security content to include but not limited to scripts, signatures, dashboards, and metrics
Familiarity with Cyber Kill Chain, ATT&CK, and other industry frameworks
Normal work hours include 8:00 AM – 5:00 PM, on-call and after-hours support in response to incidents as dictated by mission requirements
Minimum requirements include:
Must have a current Secret clearance
Bachelors degree and 4 years of relevant experience working as a network security analyst or incident responder in a security operations center including handling and managing computer security incidents
Must be able to work day shift from 8:00AM- 5:00PM. on call and after hours support to incidents as dictated by mission requirements
Experience with Cloud Service Providers, familiarity with cloud architectures, and performing Incident Response in cloud environments
Certification: Advanced certification in incident handling (GCIH, CEH or equivalent); SANS advanced certifications (GCFA, GREM, GNFA); OCSP and quality penetration testing is desired.
Pay Range:Pay Range $74,750.00 - $115,000.00 - $155,250.00
The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.
Covid Guidance for the US
In order to enter Leidos facilities in the U.S. and to attend Leidos events outside our facilities, employees are required to be vaccinated for COVID-19 or maintain proof of a negative COVID-19 test within 96 hours of entry. In addition, we are receiving guidance from certain customers that onsite contractor personnel will need to be fully vaccinated to access customer facilities. If you are not vaccinated, please consider getting your COVID-19 vaccination as soon as possible. If you have any questions, please contact your Talent Acquisition POC.
Leidos is a Fortune 500® technology, engineering, and science solutions and services leader working to solve the world’s toughest challenges in the defense, intelligence, civil, and health markets. The company’s 44,000 employees support vital missions for government and commercial customers. Headquartered in Reston, Virginia, Leidos reported annual revenues of approximately $13.7 billion for the fiscal year ended December 31, 2021. For more information, visit www.Leidos.com.
Pay and Benefits
Pay and benefits are fundamental to any career decision. That's why we craft compensation packages that reflect the importance of the work we do for our customers. Employment benefits include competitive compensation, Health and Wellness programs, Income Protection, Paid Leave and Retirement. More details are available here.
Securing Your Data
Beware of fake employment opportunities using Leidos’ name. Leidos will never ask you to provide payment-related information during any part of the employment application process (i.e., ask you for money), nor will Leidos ever advance money as part of the hiring process (i.e., send you a check or money order before doing any work). Further, Leidos will only communicate with you through emails that are generated by the Leidos.com automated system – never from free commercial services (e.g., Gmail, Yahoo, Hotmail) or via WhatsApp, Telegram, etc. If you received an email purporting to be from Leidos that asks for payment-related information or any other personal information (e.g., about you or your previous employer), and you are concerned about its legitimacy, please make us aware immediately by emailing us at [email protected].
If you believe you are the victim of a scam, contact your local law enforcement and report the incident to the U.S. Federal Trade Commission.
Commitment to Diversity
All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law. Leidos will also consider for employment qualified applicants with criminal histories consistent with relevant laws.