Job #: TR-640055
Location: Arlington, VA
Category: Cyber Security
Schedule (FT/PT): Full time
Travel Required: Yes, 25% of the time
Shift: Day
Potential for Telework: No
Clearance Required: Top Secret/SCI
Referral Eligibility: Ineligible
Group: Civil

Job Description:

Leidos is looking for a Lead Incident Response Manager to oversee program-wide outreach and information sharing on a mission-critical program whose purpose is rapid response to cyber incidents and proactive monitoring for malicious cyber activity. The Manager is responsible for leading a team that coordinates and distributes cyber security operations status and threat information from across the stakeholder groups and provides daily briefs for the Government to ensure immediate sharing of information to protect and defend critical infrastructure. Responsibilities include:
• Support subordinate employee selection and coordinate training, performance assessment, work assignments and other personnel actions
• Lead cyber communications team in problem identification, information sharing, collaboration, coordination, briefing development, and working group participation activities
• Manage and monitor adherence to operations plans, budgets, and schedules
• Facilitate information sharing between government and industry (incl. telecommunications and information technology) efforts for the protection of critical communications infrastructure from malicious cyber activity
• Facilitate DHS efforts to formalize partnerships with governmental and private sector cyber incident or emergency response teams to accept, triage, and collaboratively respond to cascading impacts in an efficient manner
• Coordinate national-level cybersecurity information sharing consistent with the National Response Framework (NRF)
• Participate in inter-agency sponsored community of interest analysis groups and working groups to discuss trends and observations from hunts and incidents
• Coordinate incident response efforts with industry association, government agency, and Information Sharing and Analysis Center (ISAC) partners, including identifying Intelligence Community (IC) reporting and supporting the creation of formal and informal RFIs to obtain additional tear-lines/request for information for use to support the incident response process
• Assist in the preparation of communications to inform DHS leadership of emerging threats and associated response activities in the form of briefings, leadership awareness notices, or other communications channels
• Provide classified and unclassified cyber risk briefings and activity updates to Critical Infrastructure and Key Resources (CIKR) community stakeholders (including private industry)
• Gather information relevant for the NCCIC Directors brief and build a slide deck every evening for the following day for HIRT specific incidents and outreach efforts
• Up to 25% travel required; occasional international travel

MINIMUM REQUIRED QUALIFICATIONS:
• Ability to provide daily communications to client for operations support of DHS National Cybersecurity & Communications Integration Center (NCCIC)
• Excellent writing skills and ability to communicate effectively, including public speaking, and briefing senior government and commercial executives
• Ability to work across multiple task orders (T&M and FFP) and projects in parallel
• Knowledge and ability to work cross-functionally to enable cyber operations and success (operations, communications/outreach, program management)
• Demonstrated experience/knowledge of incident response and handling methodologies
• Experience communicating cyber defense messages to various audiences and across various mediums (portal, reports, presentations)
• Cyber operations management experience and responsibility leading cyber programs for government and/or commercial customers
• Bachelor's degree with 10 years of relevant experience or Master's degree with 8 years of relevant experience
• 5 years of experience supervising or leading teams or projects
• Active Top Secret clearance with SSBI; Ability to obtain a TS/SCI clearance
• Active CAP, GSLC, CISM, or CISSP certification

ADDITIONAL DESIRED QUALIFICATIONS:
• Knowledge of general attack stages (e.g., foot printing and scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks, etc.)
• Knowledge of established Federal regulations and DHS policies, procedures, and instructions
• Knowledge of Cyber Operations including Incident Response, Hunt, Industrial Control System (ICS) and Supervisory Control and Data Acquisition (SCADA)
• Knowledge of different operational threat environments (e.g., first generation [script kiddies], second generation [non-nation state sponsored], and third generation [nation state sponsored])
• Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, PL/SQL and injections, race conditions, covert channel, replay, return-oriented attacks, and malicious code)
• Certified Information Systems Security Professional (CISSP)
• Project Management Professional (PMP)

Leidos is a Fortune 500® information technology, engineering, and science solutions and services leader working to solve the world’s toughest challenges in the defense, intelligence, homeland security, civil, and health markets. The company’s 31,000 employees support vital missions for government and commercial customers. Headquartered in Reston, Virginia, Leidos reported annual revenues of approximately $10.17 billion for the fiscal year ended December 29, 2017. (NYSE: LDOS) All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status.
