The Leidos Cybersecurity Intelligence & Response Center (CSIRC) has an immediate opening for an experienced and motivated Systems Engineer in Gaithersburg, MD.
As a Systems Engineer with the CSIRC, you will be an integral part of a team of knowledgeable engineers responsible for technical planning, design, deployment, integration, verification and validation, and fielding of Leidos' email defense capabilities. In this role you will support activities such as incident response, investigative analysis, and research on existing and emerging cyber threats by working directly with CSIRC analysts to gather infrastructure requirements, perform requirements analysis, work through the formal change control process, stay abreast of new technologies and capabilities, and make best-practice recommendations. You will apply expert-level knowledge to design, test, deploy, and manage a complex infrastructure supporting critical email defense systems.
- Responsible for product and environment design of the Leidos email defense infrastructure.
- Maintain and update design release documentation, system documentation, and network diagrams.
- Thoroughly document and work through any exceptions to corporate policy through established waiver process.
- Optimize system operations and resource utilization, and perform system capacity analysis and planning.
- Provide technical guidance to the CSIRC and/or the lines of business during investigations or incident response.
- Participate in internal technical meetings and design reviews.
- Maintain the necessary project plans and documentation of all system builds and modifications.
- Collaborate with team leads and analysts to develop capability requirements.
- Professionally represent the CSIRC as a technical consultant on projects.
- Translate loosely defined requirements into solutions.
- Present solutions to management with fully formed proposals and documentation.
- Continuously improve team-internal processes, covering design, implementation, and validation.
- Provide direct and responsive support for urgent analytic needs.
- Provide on-call support for incident response efforts outside of core hours as needed.
- Bachelor's degree and 4+ years of full-time experience in Systems Engineering, System Administration, DevOps, or a related role. Additional years of relevant experience will be considered in lieu of a Bachelor's degree.
- Experience with email security in large, distributed environments
- Understanding of email delivery architecture, email gateway, and DNS technologies
- Understanding of key networking protocols (TCP/IP, UDP, ICMP, etc.), the OSI model, and key application protocols (SMTP, DNS)
- Experience working with email threat prevention platforms
- Knowledge of DMARC, DKIM, and SPF
- Knowledge of email messaging systems, system administration in email gateways, Microsoft Exchange, Mail gateways
- Experience applying filters using email products and YARA signatures
- Experience with Change Board processes
- Ability to communicate effectively via multiple channels with technical and non-technical staff.
- Self-motivated with the ability to work independently, and adapt quickly
- Dedication to continuous improvement
- Effective project and time management skills.
- Must be a US citizen and eligible for a Secret clearance.
- Understanding of behavior-based threat models, including ATT&CK, Cyber Kill Chain, Diamond Model, etc.
- Understanding of Cyber Security & Information Security technology
- Experience scripting in some of the common languages, such as Bash, Perl, and/or Python.
- System Project Design and lifecycle experience (waterfall/agile)
- Experience with Linux CentOS/RHEL system administration
- Experience with sandbox technologies and platforms
- Experience with configuration management tools
- Knowledge of best practices and IT operations in an always-up, always-available service
- Cloud architecture experience.
- Familiarity with analysis, including Knowledge Discovery and Data Mining
- Strong metrics and operational excellence focus.
- Industry standard certification(s) such as: CISSP, SANS/GIAC, CEH