Leidos has a career opening for a Senior Networks and Threat Forensics Support Specialist.
This work will be performed at a customer site near Fort Meade, Maryland
Perform analysis to support cyber operations. Collaborate with analytical counterparts and across the U.S. Intelligence Community; apply knowledge of network fundamentals, open-source tools, and current implementation of those technologies in order to devise all-source analytic/collection strategies to pursue access and exploitation of targets of interest. Perform all-source intelligence analyses of cyber activities to identify entities of interest; their methods, motives, and capabilities; determine malicious behavior; and recognize emergent patterns and linkages to visualize the larger picture of cyber-based operations. The analyst should also have familiarity with computer networking technologies and transmission schemes so as to perform technical analysis against target systems and networks, characterize target network capabilities and vulnerabilities, and support development of new techniques to exploit targets. Proficient with generating SNORT and other intrusion detection signatures. Perform extensive post-mission, produce technical intelligence reports in support of special programs and provide expertise and leadership to the team in the development of analytical models and assessments. Duties may include writing forensics and/or incident response reports, investigating computer attacks, and extracting data from electronic systems and training team members on analysis, tools or reporting.
UNITED STATES CITIZENSHIP IS REQUIRED. THIS POSITION REQUIRES AN ACTIVE TOP SECRET/SCI WITH POLYGRAPH CLEARANCE. Bachelor's degree in related field (or equivalent work experience) and 12+ years related experience. Work experience in network and vulnerability analysis. Work experience must include 5 years of network and vulnerability experience within the DoD/IC.
Experience in Network and Vulnerability Analysis
Intel Community Experience
Proven ability to work independently
Ability to accurately evaluate systems for potential technical and operational vulnerabilities
Identify evidence of computer network intrusions
Experience in intrusion detection signatures for multiple platforms
Experience in CNO and SIGINT tools, and databases of customer mission set
Expertise to perform technical analysis and capture results through formal documentation
SME in one or more fields related to intel analysis and computer networking technologies
Strong leadership with strong written and verbal communication skills. Self motivated, creative, willing to work as a member of a team, organized and able to manage individual schedules. Proficient with specific or single IC Tasking, Processing, Exploitation, and Dissemination processes. Proficient with internet research and interpreting complex information. Ability to work in a dynamic environment and non-standard hours when needed.
Preferred tools/certs: Wireshark, Nessus, Snort, tcpdump, tcp wrapper, IDS (various), ISS scanner, eEye digital vulnerability scanner, Network +, NSA IAM. (U//FOUO) One or more of the following certifications: CCISP - Certified Critical Infrastructure Security Professional CISM - Certified Information Security Manager CISSP - Certified Information Systems Security Professional SSCP - Systems Security Certified Practitioner GIAC - Global Information Assurance Certification CSP - RSA Certified Security Professional CPP - Certified Protection Professional
External Referral Eligible
External Referral Bonus:
Potential for Telework:
Clearance Level Required:
Top Secret/SCI with Polygraph
Scheduled Weekly Hours:
Defense & Intel