Do you want to grow your career and be part of a team solving critical challenges that affect the world? Leidos Civil is leading the way in solving internationally pressing issues, including:
• Aviation: Guiding the world's air traffic, managing 43,000+ flights for 2.5 million passengers per day
• Logistics & infrastructure support: Operating infrastructure for large-scale nuclear cleanup efforts
• Cybersecurity: Monitoring advanced threats; managing security services and utility command and control centers
• Facility management & operations: Operating the world's longest supply chain to Antarctica
• Energy engineering: Restoring power during hurricane efforts; helping communities achieve significant energy savings
• Environmental management: Delivering innovative environmental solutions and wildlife conservation plans
• IT infrastructure modernization: Helping 2+ million citizens recover from identity theft; maintaining global biometrics systems
• Transportation security solutions: Securing U.S. borders with 1200+ radiation and explosive monitors; designing vehicle solutions that save lives, reduce congestion, and boost fuel efficiency
If you desire to be an integral part of a dynamic team of science and technology leaders, then Leidos Civil is the place for you! Protect yourself and your family with the benefits of working for a world-class employer. When you join Leidos, you join a Fortune 500 company and one of Ethisphere Institute's "World's Most Ethical Companies." Leidos...Practical Answers for a Complicated World
Description: Monitors, analyzes and determines the remediation solution(s) for threats and vulnerabilities to the enterprise Wide Area and Local Area (WAN, LAN) networks using state of the practice tools, processes, methods and automated analytics. The analyst is considered the human-over-the-loop, maximizing use of automation techniques. The cybersecurity analyst protects the integrity of the networks and ensures that all the defense measures are in place to protect the enterprise network and mission critical information from cyber-attacks and threats. The cybersecurity analyst is a key member of the security team, SecDevOps and NetworkDevOps that consists of the security/network architects, analysts and engineers/administrators, and collaborates on evolving best methods/practices for detecting and blocking attacks. This position is also responsible for detecting potential/emerging threats or subtle vulnerabilities using data analytics and deep learning techniques. The analyst will evolve the security infrastructure as technology matures to an integrated security fabric that is based on Intent Based Network Security (IBNS). The analyst provides direct support in achieving Authorization to Operate (ATO) software and hardware configurations and remediating non-compliant (insufficiently hardened) configurations.
Cybersecurity Job Responsibilities:
• Develops Intent Based Network Security (IBNS) strategy based on requirements, Service Level Agreements and the network(s) architectures, working with the security architect, network architect and security engineers/administrators.
• Works with the network and security engineers/administrators to implement IBNS automation and performs continuous monitoring to refine the solutions.
• Identifies, through analysis, security mitigations where needed, regardless of the boundary, and then chains the mitigations together to enable centrally-defined security intentions.
• Develop analysis assessment methods based on IBNS threat intelligence correlation for both new and emerging threats.
• Develop solutions that leverage IBNS to pre-empt threats and validate business event translations into infrastructure security policies.
• Continuous monitoring and assessment of the security framework, applying state of the practice automated data analytics and deep learning tools to inform the IBNS.
• Performs quantitative analysis and assessments of the integrated security framework, ensuring that the integrated security fabric applies protections across the distributed networks to trigger monitoring and inspection, policy assignment and enforcement, and orchestration and threat response.
• Perform data/event correlation using deep learning and risk analysis scoring, evolving and maximizing the use of automation to position the analyst as a human-over-the-loop, reducing manual analysis tasks.
• Develops and ensures enforcement of security policies, rules and processes and assures that these are applied to the program's systems.
• Tracks vulnerabilities and other security issues through the creation and update of a Plan of Action and Milestones (POAM) list enterprise-network wide.
• Create new techniques for solving and optimizing existing operational security issues and POAM items to reduce program risk.
• Develop and maintain documentation for all security solutions.
• Provides support for network information security audits.
• In concert with the security architect and engineer/administrator, validates DevOps testing scripts and resolves issues prior to changes being introduced to the operational system.
• Respond to information security issues during each stage of a project's lifecycle.
• Performs analysis and scanning of security as code as a member of the SecDevOps team.
• Performs analysis of automated security testing scripts and results to determine the effectiveness of automated testing of release builds before they are deployed.
• Develop automated security audit solutions using scripts and analysis techniques for a human-over-the-loop.
• Assess the processes, methodology and tools/scripts used to screen and validate the security and reliability of build packages and the platforms they are built on, and provide recommendations for improvement.
• Develop processes/methods and instrumentation to validate that the infrastructure is operating in compliance with requirements and SLAs, and identify and remediate defects.
• Document, track and resolve security incidents in concert with security engineers/administrators and the security architect.
• Investigate intrusion incidents, conduct forensic investigations and mount incident responses in collaboration with the security engineers/administrators.
• Test and document security solutions using SecDevOps automation and industry standard analysis criteria.
• Configure the security dashboard views to support real-time state of the enterprise networks and provide historical and forecasting report objectives for multiple stakeholder roles.
• Analyze and advise on new security technologies and program conformance to security controls and SLAs.
• Evaluate new technologies and processes that enhance security capabilities in collaboration with the security architect.
• Perform log analysis and evolve the log analysis automation using deep learning and data analytics tools and methods.
• Enhances organization reputation by accepting ownership for accomplishing new and different requests; exploring opportunities to add value to job accomplishments.
• Enhances security team accomplishments and competence by planning delivery of solutions; answering technical and procedural questions for less experienced team members; teaching improved processes; mentoring team members.
Preferred Skills and Qualifications
• Bachelor of Science in Cybersecurity with minor in computer science, mathematics or related field
• A minimum of 8 years of experience in the field
• Applied knowledge of IBNS through either a security implementation or through applied study/testing
• Proven track record in SecDevOps state of the practice network security for large networks
• Applied knowledge of SDN/NFV through either a security implementation or through applied study/testing
• Demonstrated in-depth knowledge of security analytical techniques, forensic analysis and automation methodologies
• Experience with Wide Area and Local Area network penetration testing and techniques
• Proven portfolio working with firewalls, proxies, SIEM, antivirus, and IDPS concrete implementations
• Proven experience in identifying and mitigating network vulnerabilities and explaining the actions to take to avoid or mitigate the risk
• Proven experience performing risk assessments and mitigation
• Proven experience in the development and maintenance of the SSP
• Has applied SecDevOps or is working toward evolving SecDevOps for a mission system or enterprise
• Worked successfully with Federal Agency organization or DoD organization on achieving a security ATO
• 5+ years working with NIST 800-53 and FISMA High security control based program infrastructures
• Working knowledge of the FAA and FAA security practices and standards
• Certified Information Systems Security Professional certification
• CompTIA Security+ certification
• Public Trust clearance or higher level clearance attained
• Excellent communication and writing skills to work with all levels of an organization
Cybersecurity Skills and Qualifications: Security data analytics, IBNS, SecDevOps, SDN/NFV, Network Security, Networking Standards, Network Protocols, NIST/FISMA standards and controls, SIEM platforms and security tools, Network Hardware Configurations, Decision Making, Informing Others, Functional and Technical Skills, Dependability, Information Security Practices and Policies
EDUCATION & EXPERIENCE: Typically requires BS degree and 12 - 15 years of prior relevant experience or Master's with 10 - 13 years of prior relevant experience. May possess a Doctorate in a technical domain.
External Referral Bonus:
Potential for Telework:
Clearance Level Required:
Yes, 10% of the time
Scheduled Weekly Hours: