Department of Homeland Security (DHS), Customs and Border Protection (CBP) Security Operations Center (SOC) is a US Government program responsible to prevent, identify, contain and eradicate cyber threats to CBP networks through monitoring, intrusion detection and protective security services to CBP information systems including local area networks/wide area networks (LAN/WAN), commercial Internet connection, public facing websites, wireless, mobile/cellular, cloud, security devices, servers and workstations.
The CBP SOC is responsible for the overall security of CBP Enterprise-wide information systems, and collects, investigates and reports any suspected and confirmed security violations.
Leidos has an immediate need for a Cyber Security Engineer to support this CBP Program.
The Cyber Security Engineer will need to be a self-starter with good analytical and problem-solving skills, flexibility, good judgment and the ability to work on concurrent tasks in an effective manner. Will be a member of a multi-disciplined team working in a high pressure, fast paced environment. Responsibilities will include deploying, patching, running health checks on all Splunk assets. Managing Splunk indexers and building out Splunk assets. Environment wide scanning and patching using a variety of security tools. May mentor junior security engineers.
Required Skills and Education:
BS degree in Science, Technology, Engineering, Math or related field and 8 years of prior relevant experience with a focus on cyber security or Masters with 6 years of prior relevant experience., or equivalent work experience/training in lieu of degree.
Must have an active Secret Clearance. In addition to the specific clearance requirement, all personnel supporting CBP must have a current background investigation (BI) or obtain a favorable BI before joining the program.
Recent security operations center (SOC) experience. Experience with a variety of security tools. Must have 4 years of experience supporting mission critical projects. Understand performance metrics related to security operations. Experience using key cyber and network technologies like Splunk
Cyber Kill Chain and Intelligence Driven Defense hands on knowledge. K nowledge of key cyber and network technologies such as Netwitness, ArcSight, FireEye
Certifications: CISSP or one of GCWN, GISF, GSSP, GICSP, CCSP, CSSLP, SSCP, CCSNP, CCIE-Security, ECSP, MCSE-Security Expert.