Leidos is looking for a ISSO to provide cyber hunt leadership on a mission-critical program whose purpose is rapid response to cyber incidents and proactive monitoring for malicious cyber activity. This Lead will perform network and host-based cyber defense and hunt, incident response, containment, remediation, and asset recovery efforts, working with Government, private sector, and international constituents and partners. The lead is responsible to guide the efforts of a team of cyber analysts, including subcontractors, supporting the Government in day-to-day cyber hunt operations, analysis, remediation, and countermeasures to protect and defend critical infrastructure.
• Lead the Hunt Support Team to provide timely response to customer requests for assistance in cyber activities: hunt, intelligence analysis, data fusion, and countermeasures to protect national critical infrastructure under NCCIC purview
• Provide threat analyses, mitigation/countermeasure recommendations, after action reports, summaries, and other situational awareness information to customer and other stakeholders
• Develop Tactics, Techniques, and Procedures (TTPs) establishing reporting criteria, structure, and operational reports
• Provide technical support, analysis, and recommendations in areas such as: Surveillance and Reconnaissance; Perimeter Defense; Malicious Software (Malware) Analysis; Attack vector analysis; Computer Network Defense (CND); Incident Handling; Vulnerability Management/ Reporting; Risk Analysis and Readiness; Strategic Planning Analysis
• Participate in inter-agency sponsored community of interest analysis groups, conduct and participate in technical briefings and exchanges
• Conduct peer reviews and provides quality assurance reviews for junior personnel• Oversee technical analysis by mentoring/providing guidance to others on data collection, analysis and reporting in support of HIRT engagements• 25% travel required; occasional international travel may be required
BASIC QUALIFICATIONS: - At least one of the Professional certifications to include CompTIA A+, Network+, Security+, GCIH, GSEC, GISP, ISC2 SSPC, or CISSP. - Hands on experience with operating and managing classified and unclassified IT security / Information Assurance solutions in the context of Federal IT Security regulations and guidance such as NIST 800-53, NIST 800-37 and FIPS 199 - Experience in one or more of the following areas are required: understanding of Federal security practices and procedures; knowledge of current security tools; hardware/software security implementations; communication protocols; and encryption techniques/tools
PREFERRED QUALIFICATIONS: - Candidates with strong analytical and organizational skills with excellent written and verbal communication skills. - Shall be capable of working independently as well as part of a larger group under minimal/moderate supervision. - A technical background such as information assurance, cyber security, computer science, computer engineering, or traditional engineering, is preferred as the technical skills will assist with the ISSO tasks.
EDUCATION & EXPERIENCE: Typically requires BS degree and 12 - 15 years of prior relevant experience or Masters with 10 - 13 years of prior relevant experience. May possess a Doctorate in technical domain.