Leidos is seeking a cyber tools engineer specialist to support NOAA SOC deployment activities, a multi-year, global effort to improve NOAA's security posture and provide enhanced security capabilities and analytics by centralizing and virtualizing network security into regional stacks rather than locally distributed appliances.
Provide tier 2 support for the network security tools in the SOC. In this capacity you will work as part of a multi-disciplinary team that supports the active and passive Computer Network Defense (CND) tools deployed in NOAA SOC and DOC ESOC environments. Build, integrate, and test prototypes and final implementations in the SOC and support the deployment into production.
You will also integrate with other technical teams, with SOC personnel, with vendor technical support personnel, and with technical representatives from SOC services.
• Review and provide inputs on overall systems and detailed engineering plans for cyber security tools
• Provide analysis and support for the architecture and design of search, investigation, logging, and forensics capture applications used in the SOC.
• Build, integrate, and test prototypes and final implementations in the SOC.
• Deploy the systems into production.
• Provide operational support of the CND tool suite as needed.
• Provide incident response support. Investigate computer and information security incidents to determine the extent of compromise to information and automated information systems.
• Receive notification of an issue from the SOC, triage the incident, and collaborate with appropriate stakeholders and team members. Provide an overall assessment back to the customer.
• Act as the senior subject matter expert on one or more security tools for interactions and support with other teams
Requires a BS degree and 2 - 4 years of prior relevant experience, or a Master's with less than 2 years of prior relevant experience.
• Experience with installing and configuring software
• A good understanding of server construction, configuration, and maintenance
• Experience with building and maintaining systems in a virtual environment
• Experience with automation techniques and scripting in one or more of the following:
• Experience with Windows-based systems
• Good understanding of networking concepts, i.e., routing, switching, IP addressing, and Internet routing protocols
• Experience with identifying and mitigating security incidents
• Good written and oral communications skills
ADDITIONAL DESIRED QUALIFICATIONS
• Prior experience as a network intrusion analyst or Security Operations Center analyst.
• Experience configuring and maintaining systems in a multi-tenant environment
External Referral Bonus:
Potential for Telework:
Clearance Level Required:
Yes, 10% of the time
Scheduled Weekly Hours: