Leidos has an immediate need for a Senior Cyber Incident Response Technical Lead to support the DHS Enterprise SOC Program. This engineer
will be a self-starter with excellent analytical and problem-solving skills, flexibility, good judgment and the ability to coordinate multiple,
concurrent tasks in an effective manner. This engineer will have responsibility for leading IR efforts across shifts and across functional task areas for situational
awareness, smooth work transitions, reporting, and escalation as required. The functional task areas include Incident Response, US CERT reporting, Forensics, Threat Hunting, Security
Engineering, and Penetration Testing.
This engineer will be required to lead both technical and operational activities across functional areas for time-critical issues that require fast resolution and may result
in escalation to senior Leidos/DHS management for situational awareness and support. This engineer must have a breadth of technical and people skills to effectively perform this
role. The ability to direct staff across multi-disciplinary functions is required. Situational awareness of the entirety of the Incident Response effort is an expectation as well as active
engagement as required as critical issues arise.
The ideal candidate will be expected to represent the Incident Response function for process improvements and other initiatives. The CSIR will also be called upon for other
tasks related to the SOC transformation to a next generation SOC including areas such as metrics, automation, collaboration, training, etc.
Excellent communication and writing skills are a requirement for this position as crisp and accurate communication with Senior Leadership will be required. The ability to
accurately and concisely create Situational Awareness Reports is required.
BS degree in Science, Technology, Engineering, Math or related field and 8 to 12 years of prior relevant experience or Master's degree with 6 to 10 years of prior relevant experience with a focus on cyber security.
Previous work experience with incident response, forensics, threat hunting and/or other related experience is required.
A minimum of 5 years of previous work experience as a project manager, team lead, manager or similar position leading multi-disciplinary teams is required. Previous experience with DHS is desirable but not required.
Experience with one or more of the following is highly desirable: APT, IOC, Netwitness, Splunk, ArcSight, FireEye, RSA/Archer, JIRA, TICs, security policies, Situational Awareness Reports, firewalls, routers, Palo Alto, FISMA, US CERT reporting, among others.
Desired Skills: One or more of RHCSA/RHCE and CISSP or one of GCWN, GISF, GSSP, GICSP, CCSP, CSSLP, SSCP, CCSNP, CCIE-Security, ECSP, MCSE-Security Expert.
Security Clearance: Must have an active Top Secret. In addition to the specific clearance requirement, all personnel supporting DHS must obtain Suitability Clearance.