Leidos is seeking an Industrial Control systems (ICS) Lead on a mission-critical program whose purpose is rapid response to cyber incidents and proactive monitoring for malicious cyber activity. This person will lead teams performing incident response and mitigation activities for ICS environments.
Must be U.S. citizen and possess an active TS clearance and ability to obtain TS/SCI.
* NOTE: This position can be based out of Idaho Falls, ID or Arlington, VA.
• Perform incident response and mitigation activities for industrial control systems (ICS) environments
• Perform risk assessments to assess and mitigate the identified vulnerabilities in ICS environments
• Support remediation of ICS to close gaps and ensure compliance with policies and standards
• Serve as technical expert and liaison to leadership, the intelligence community (IC), and law enforcement personnel explaining incident details as required
• Oversee technical analysis by providing guidance to others on data collection, analysis and reporting
• Lead and coordinate teams in preliminary incident response investigations for ICS environments
• Serves as the customer interface while onsite
• Determine appropriate courses of actions in response to identified and analyzed anomalous activity
• Manage stakeholder relationships; coordinate with other contractors
• Manage project status, progress reporting, risks/issues, scheduling, quality, and continual improvement
• Provide accurate, concise reporting
MINIMUM REQUIRED QUALIFICATIONS:
• BS degree and 12 years of prior relevant experience or Masters with 10 years of prior relevant experience
• Active TS clearance; Ability to obtain a TS/SCI clearance
• 3 years' experience supervising or leading ICS/SCADA/PCS teams or projects
• 5 years' experience working in ICS environments in one or more of the 16 critical infrastructure sectors.as defined in PPD 21, e.g., Nuclear Reactors, Materials, and Waste; Transportation Systems; Critical Manufacturing; Communications; and Defense Industrial Base.
• Experience in network traffic analysis, host analysis, and radio communications with ICS field device level interrogation and serial protocols
• Knowledge of industry best practices and standards to include but not limited to IEC 62443, NERC CIP, NESA, and OG86
• Experience applying NIST SP 800-82, Guide to ICS Security
• Knowledge of general cyber-attack stages
• Knowledge of incident response and handling methodologies
• Knowledge of defense-in-depth principles and network security architecture
ADDITIONAL DESIRED QUALIFICATIONS:
• GIAC Global Industrial Cyber Security Professional (GICSP) certification
• Demonstrated experience working with cloud platforms (AWS, Azure)