Leidos is seeking a cyber tools engineer specialist to support the DoD's JRSS (Joint Regional Security Stack) deployment activities, a multi-year, global effort to improve the DoD's security posture and provide enhanced security capabilities and analytics by centralizing and virtualizing network security into regional stacks rather than locally distributed appliances.
Provide tier 2 and tier 3 support for the network security tools in the JRSS (Joint Regional Security Stack). In this capacity you will work as part of a multi-disciplinary team that supports the active and passive Computer Network Defense (CND) tools deployed in JRSS stacks. Build, integrate, and test prototypes and final implementations in the Ft. Meade Lab and support the deployment into production.
You will also integrate with other technical teams, with DISA personnel, with vendor technical support personnel, and with technical representatives from DoD services.
- Review and provide inputs on overall systems and detailed engineering plans for cyber security tools
- Provide analysis and support for the architecture and design of Elastic Search and Kafka-based systems.
- Provide support for the Linux systems infrastructure required for Elastic and Kafka solutions
- Build, integrate, and test prototypes and final implementations in the Ft. Meade Lab.
- Deploy the systems into production.
- Provide tier 2 and 3 operational support of the CND tool suite as needed.
- Provide incident response support. Investigate computer and information security incidents to determine the extent of compromise to information and automated information systems.
- Receive notification of an issue from DISA Global Network Assurance, triage the incident, and collaborate with appropriate stakeholders and team members. Provide an overall assessment back to the customer.
- Act as the senior subject matter expert on one or more security tools for interactions and support with other teams
- Requires a BS degree and 8 years of prior relevant experience or a Master's with 6 years of prior relevant experience. Additional experience accepted in lieu of a degree.
- Experience with installing and configuring Elastic Search software
- A good understanding of Linux/Unix server construction, configuration, and maintenance
- Experience with building and maintaining systems in a virtual environment
- Experience with automation techniques and scripting in one or more of the following:
- Experience with Windows-based systems
- Good understanding of networking concepts, i.e., routing, switching, IP addressing, and Internet routing protocols
- Experience with identifying and mitigating security incidents
- Good written and oral communications skills
- A DoD Secret clearance is required to work on this program. In addition, you must be able to successfully obtain up to Top Secret based on requirements from the customer and program.
- DoD 8570 IAT2 certification is required
ADDITIONAL DESIRED QUALIFICATIONS
- Prior experience as a network intrusion analyst or Security Operations Center analyst.
- Experience configuring and maintaining systems in a multi-tenant environment
- Experience with one or more of the other CND tools in the JRSS cyber suite:
- Fidelis DLP and MDE