Join our talent network

Job #: R-00005689
Location: Fort Meade, MD
Category: Cyber Security
Schedule (FT/PT): Full time
Travel Required: Yes, 10% of the time
Shift: Day
Potential for Telework: No
Clearance Required: Secret
Referral Eligibility: Eligible
Group: Defense

Job Description:

Leidos is seeking an Incident Response Analyst, who will perform advanced data mining and event correlation to hunt for potential security incidents and analyze and validate tier 2 findings. JRSS is a multi-year, global effort to improve the DoD's security posture and provide enhanced security capabilities and analytics by centralizing and virtualizing network security into regional stacks rather than locally distributed appliances. This position is responsible for providing configuration, implementation, configuration and ongoing performance enhancement work for SourceFire appliances installed in the JRSS environment.

In this role, you will work with customer CSSP organizations to provide proper visibility and reporting of findings. You will also work with cyber tool development teams to identify, define, and help write SIEM content; support the tuning of IPS and IDS systems; and recommend enhancements to methods and capabilities.

Primary Responsibilities:
  • Perform advanced data mining and event correlation to hunt for potential security incidents
  • Analyze and validate tier 2 findings.
  • Work with customer CSSP organizations to provide proper visibility and reporting of findings.
  • Work with tool integration and deployment teams to support new SIEM content, updated IPS and IDS configurations, validate new capabilities


Basic Qualifications:
  • Bachelor's degree from an accredited college in a related discipline, or equivalent experience/combined education, with 4 or more years experience.
  • Experience in handling security events in mission critical environments; hands-on troubleshooting, analysis, and technical expertise to resolve incidents and service requests.
  • Experience in day-to-day operational processes such as security monitoring, data correlation, troubleshooting, security operations etc.
  • Good understanding of security incident response techniques
  • Experience analyzing system and application logs to investigate security issues and/or complex operational issues.
  • Good knowledge of Threat Detection Tools, IDS/IPS, Network Packet Analysis, and Endpoint Protection.
  • Experience with utilizing SIEM (such as ArcSight, Splunk, etc.) in investigating security issues and / or complex operational issues on Windows and Linux/Unix .
  • Good knowledge of network protocols and operating systems (Windows, Unix, Linux, Databases).
  • Per contract requirements, U.S. citizenship and an active DoD Secret clearance is required. In addition, you must be able to successfully obtain up to Top Secret based on requirements from the customer and program.
  • DoD 8570 certification is required


Preferred Qualifications:
  • Experience with Elastic Search and Splunk


GSMO

External Referral Eligible

Leidos is a Fortune 500® information technology, engineering, and science solutions and services leader working to solve the world’s toughest challenges in the defense, intelligence, homeland security, civil, and health markets. The company’s 31,000 employees support vital missions for government and commercial customers. Headquartered in Reston, Virginia, Leidos reported annual revenues of approximately $10.17 billion for the fiscal year ended December 29, 2017. (NYSE: LDOS) All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status.

Talent Community

Join our Talent Community to create a profile, enabling a streamlined application process and to help our recruiters better understand your areas of expertise and interest.

Join our Talent Community