No two career paths will ever look the same. At Leidos, we know the most talented and diverse IT and cyber security professionals will always have a multitude of career choices; your time at Leidos will be a wise investment in your career and in yourself. We welcome your perspective and ideas, in order to foster collaboration and deliver world-class solutions. We look for solutions that not only transform businesses, but change the world.Department of Homeland Security (DHS), Federal Emergency Management Agency (FEMA) Security Operations Center (SOC) is a US Government program responsible to prevent, identify, contain and eradicate cyber threats to FEMA networks through monitoring, intrusion detection and protective security services to FEMA information systems including local area networks/wide area networks (LAN/WAN), commercial Internet connection, public facing websites, wireless, mobile/cellular, cloud, security devices, servers and workstations. The FEMA SOC is responsible for the overall security of FEMA Enterprise-wide information systems, and collects, investigates and reports any suspected and confirmed security violations. The DHS FEMA SOC Program has a critical need for a Cyber Security Subject Matter Expert (SME). This is a full time position based in Bluemont, VA (Mount Weather). This position does not have Telecommuting Options.
Duties will include investigating computer and information security incidents to determine extent of compromise to information and automated information systems, providing computer forensic and intrusion support to high technology investigations in the form of computer evidence seizure, computer forensic analysis, data recovery, and network assessments, researching and maintaining proficiency in tools, techniques, countermeasures, and trends in computer network vulnerabilities, data hiding and network security and encryption.In addition, the SME will lead and mentor other SOC Support Staff and will communicate with executive leadership regarding matters of significant importance to the DHS SOC Support Services Program. The SME should have expertise in at least one
of the following specialized areas: - Email security - Digital media forensic -
Monitoring and detection - Incident Response - Vulnerability assessment and pen
test - Cyber intelligence analysis Supports detection, containment, and
eradication of APT activities targeting customer networks. Process community
reporting, conduct link analysis, and collaborate with other Government cyber
fusion teams. Publish intelligence products to inform network defenders about
APT activities, new detection methods, among other topics of interest.
Will work a rotating shift consisting of three 12 hour shifts with four days off the first week of the pay period and three 12 hour
shifts, one 8 hour shift and 3 days off the second week of the pay period. This position location is in Bluemont, VA
(Mount Weather) area. DHSCYBERLeadGenLeadGenCyber
EDUCATION & EXPERIENCE: Requires Bachelors Degree in Computer Science, Engineering, Information
Technology, Cyber Security, or related field and 12 to 15 years of prior relevant experience or Masters with 10 to 13 years of prior relevant experience. May possess a Doctorate in technical domain. Prior relevant experience should be in the areas of incident detection and response, malware analysis, or cyber
forensics.Minimum of current Top Secret clearance with ability to
obtain TS/SCI Clearance. In addition to specific security clearance
requirements all Department of Homeland Security SOC employees are required to
obtain an Entry on Duty (EOD) clearance to support this program. In addition, minimum of 7 years of specialized experience in
one or more of the following areas:Email securityDigital media forensicMonitoring and detectionIncident ResponseVulnerability assessment and Pen TestCyber intelligence analysis Must have at least one of the following
certifications: SANS GIAC: GCED, GCIA, GCFA, GPEN, GWAPT, GCFE, GREM, GXPN,
GMON or GCIH ISC2 CCFP, CCSP, CISSP CERT CSIH EC Council: CHFI, LPT, ECSA,
Offensive Security: OSCP, OSCE, OSWP and OSEE EnCase: EnCE Dod 8570: IAT L3,
CNDSP Analyst or IR Carnegie Mellon: CCSIH" Extensive experience analyzing and synthesizing information
with other relevant data sources, providing guidance and mentorship to others
in cyber threat analysis and operations, evaluating, interpreting, and
integrating all sources of information, and fusing computer network attack
analyses with counterintelligence and law enforcement investigations.
DESIRED SKILLS: Experience in cyber government, and/or
federal law enforcement. Cyber Kill Chain knowledge.