Job #: R-00006341
Location: Springfield, VA
Category: Cyber Security
Schedule (FT/PT): Full time
Travel Required: Yes, 10% of the time
Shift: Day
Potential for Telework: No
Clearance Required: Public Trust
Referral Eligibility: Eligible
Group: Civil

Job Description:

The Homeland Security Solutions Operations within Leidos is looking for a Cyber Lead to provide cyber leadership on a mission-critical program whose purpose is development, maintenance, modernization, enhancements, operations and maintenance services for DHS/CBP mission-critical systems. This Lead will build and direct a world-class team to support this national-scale program. The Cyber Lead is responsible for identifying and mitigating malicious cyber threats and activities across the program. He/she will provide the planning, direction, coordination, and control necessary to accomplish all work requirements and task orders, and will manage and oversee all activities performed by contractor personnel, including subcontractors, to satisfy the contract cyber requirements.

Primary Responsibilities
• Requires experience in providing leadership and vision in incident handling, response, and analysis.
• Must be hands-on and have intimate knowledge and experience in cybersecurity, incident response, and analysis; digital forensics; security vulnerabilities/weaknesses and related attacks; network security issues, and encryption technologies.
• Responsible for planning and assignment of tasks, monitoring delivery, and work assignments.
• Responsible for review of work products prior to delivery to the Government.
• Support assessments of projected cyber risk; make predictions about threats to federal networks and critical infrastructure sectors, and conduct case studies.
• Support the adoption and/or implementation of Federal and national standards or guidance to enhance training and skills development for the Federal workforce.
• Develop and present capability and technology roadmaps.
• Support development and maintenance of Continuity of Operations (COOP) Plans and other operations planning documentation.
• Provide technical assistance in the development of Business Impact Analyses (BIA), Business Continuity Plans (BCPs), and Disaster Recovery Plans (DRPs).
• Provide engineering and technical support services to functional groups to include providing specific tool studies, systems analyses, testing and evaluation, and to supplement operational technical assistance as required.
• Provide support to programming code reviews, determining system performance specifications, identifying and resolving interoperability problems, developing requirements, determining parameters, and resolving conflicts between disparate technologies as they arise.
• Provide engineering and technical assistance support to include technical support for current, proposed, and potential cybersecurity related mission objectives.
• Provide subject matter expertise to assist with matters to include strategies for improving resource allocation, alignment of work, and improving work-life balance for employees.

Basic Qualifications
• Demonstrated experience/knowledge of providing Cyber incident response and handling using established best practices/methodologies.
• Experience in identifying the root cause of an incident and recognizing the key elements to investigate with the customer to get to the root cause of an incident.
• Knowledge of general attack stages (e.g., foot printing and scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks, etc.).
• Experience in recognizing and categorizing types of vulnerabilities and associated attacks.
• Knowledge of different operational threat environments (e.g., first generation [script kiddies], second generation [non-nation state sponsored], and third generation [nation state sponsored]).
• Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, PL/SQL and injections, race conditions, covert channel, replay, return-oriented attacks, and malicious code).
• Active CISM or CISSP certification.

Preferred Qualifications
• Knowledge of the DHS National Cyber Incident Scoring System to be able to prioritize triaging of incidents.
• Knowledge of basic system administration and operating system hardening techniques.
• Knowledge of Federal policies, procedures, and regulations.
• Demonstrated strong operational expertise in one or more of the following CND tools: Splunk, Palo Alto, Network Firewalls, SourceFire/Cisco IPS, BRO, FireEye, AirTight and Solera.
• Experience coaching and leading cyber analysts and/or IT engineers.
• In-depth knowledge of architecture, engineering, and operations of at least one enterprise SIEM platform (e.g., Nitro/McAfee Enterprise Security Manager, ArcSight, QRadar, LogLogic).
• Experience and proficiency with any of the following: Anti-Virus, HIPS, ID/PS, Full Packet Capture, Host-Based Forensics, Network Forensics.
• Other Active Cyber Certification(s), such as GIAC Penetration Tester (GPEN), GIAC Exploit Researcher and Advanced Penetration Tester (GXPN), GIAC Certified Forensic Examiner (GCFE), GIAC Certified Forensic Analyst (GCFA), GIAC Reverse Engineering Malware (GREM), EnCase Certified Examiner (EnCE), GIAC Network Forensic Analyst (GNFA), GIAC Certified Intrusion Analyst (GCIA), GIAC Certified Incident Handler (GCIH), etc.

EDUCATION & EXPERIENCE: Requires BS degree and 12 - 15 years of prior relevant experience or Masters with 10 - 13 years of prior relevant experience. May possess a Doctorate in technical domain.

Leidos is a Fortune 500® information technology, engineering, and science solutions and services leader working to solve the world’s toughest challenges in the defense, intelligence, homeland security, civil, and health markets. The company’s 31,000 employees support vital missions for government and commercial customers. Headquartered in Reston, Virginia, Leidos reported annual revenues of approximately $10.17 billion for the fiscal year ended December 29, 2017. (NYSE: LDOS) All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status.
