The Leidos Corporate Information Security Group has an immediate opening for an experienced and motivated Senior Manager of Cybersecurity Controls and Configuration to join our Security Controls and Configuration Team.
The Security Controls and Configuration (SCC) Team works with the Leidos Cybersecurity Intelligence and Response Center (CSIRC) and the Security Engineering and Architecture (SAE) organization to configure, maintain, and manage the technical controls for Leidos enterprise security assets. These include the vendor configurations for network and host IDS, and the baseline we have developed for our custom IDS sensor. The role focuses on codifying our security policies, resolving change requests by assessing their impact, and automating procedures wherever possible.
- Act as a technical SME for the Cyber Security Capabilities team, which is responsible for the technical security policies that defend the global Leidos network.
- Work closely with the CSIRC to support intrusion response activity with appropriate security countermeasures.
- Work closely with ITS to ensure that technical security policy balances security best practices against corporate usability.
- Work closely with SAE to resolve NIDS/HIDS vendor bugs and engineering capability gaps.
- Support the development of a codified, robust baseline for all security policies across all platforms, and a streamlined approach to change management.
- Be an SME in the vendor and open source capabilities available, in order to stay ahead of threats.
- Collaborate through information and knowledge sharing networks and professional relationships to achieve common goals.
- Be a cyber operations leader and provide mentorship for less experienced team members.
- Manage and maintain Security Controls and Configuration (SCC) team-level tasking, reporting status, risks, and areas for improvement on a consistent basis.
- Manage and participate in an on-call rotation.
- Bachelor's degree and 8+ years of relevant experience.
- Hands-on experience with popular NIDS and firewall remediation technologies, their rule syntax, and configuration management (CM) control (Palo Alto, Juniper, FireEye, WildFire, etc.).
- Hands-on experience with popular HIDS remediation technologies, their policy syntax, and configuration management (CM) control (Symantec, McAfee, Tanium, Cylance, etc.).
- Demonstrated experience as a technical team lead.
- Ability to communicate information security and risk-related concepts effectively, in writing and verbally, to both technical and non-technical audiences is essential.
- Must have strong problem-solving and analytical skills and demonstrate poise and the ability to act calmly and competently in high-pressure, high-stress situations.
- Strong understanding of operating systems and network protocols.
- Ability to create, modify, and implement countermeasures within common COTS and FOSS tools, and to gauge their effectiveness.
- US citizenship is required, along with the ability to obtain a security clearance.
- Understanding of behavior-based threat models, including ATT&CK, the Cyber Kill Chain, the Diamond Model, etc.
- Foundational understanding of the Linux operating system.
- Hands-on experience with popular open source IDS technologies, their rule syntax, and configuration management (CM) control (Snort, Bro (now Zeek), Suricata, etc.).
- Proficiency with Microsoft Windows administrative tools and the Unix/Linux command line.
- Demonstrated experience performing cybersecurity analysis from an operator's point of view.
- Active DoD Secret or higher clearance.
- Demonstrated knowledge of common information security management frameworks such as ISO/IEC 27001, ITIL, COBIT, and NIST, and an understanding of relevant legal and regulatory requirements such as the Health Insurance Portability and Accountability Act (HIPAA) and the Payment Card Industry Data Security Standard (PCI DSS).
- Familiarity with common scripting languages (such as Perl and Python) to parse logs, automate processes, etc.