No two career paths will ever look the same. At Leidos, we know the most talented and diverse IT and cyber security professionals will always have a multitude of career choices; your time at Leidos will be a wise investment in your career and in yourself. We welcome your perspective and ideas, in order to foster collaboration and deliver world-class solutions. We look for solutions that not only transform businesses, but change the world.
Leidos has an immediate need for a Technical Lead for the Incident Response and Monitoring and Analysis functional areas of the DHS Enterprise Security Operations Center (ESOC). This individual will provide technical operations oversight for ~25 staff, with both an Incident Response lead and a Monitoring and Analysis lead as direct reports. This position reports to the Senior Program Manager for the contract.
The SOC Lead must be a self-starter with excellent analytical and problem-solving skills, flexibility, high energy, good judgment, and the ability to coordinate multiple concurrent tasks effectively while working in a collaborative and supportive fashion with other team members. This individual must be an excellent communicator and leader, as this role interfaces directly with the Program Manager, Government Watch Officers (GWOs), and the ESOC Director on a daily basis. The individual will be expected to foster team spirit and morale.
- Providing any direction required to the Monitoring and Analysis Technical Lead, who runs a 24x7x365 operation
- Providing any technical leadership required to the senior incident response engineers who provide consulting/remediation support to the M&A team
- Supporting the Government Watch Officers (GWOs) so they have all required information to support their leadership
- Working with DHS Component SOCs to coordinate the resolution of incidents and security event notices
- Meeting NCCIC requirements for reporting incidents across DHS within required deadlines
- Creating and publishing Situational Reports for "hot" incidents under investigation by DHS
- Creating and publishing FISMA compliance reports
- Ensuring shift handovers work in a fashion transparent to DHS leadership
- Running daily mid-day stand-up meetings
- Analyzing malware to take preventative measures
- Ensuring the quality of incident response tickets
- Providing DHS email hygiene, working with the DHS Electronic Messaging (Email) team
- Providing an incident response "fly team" to other DHS locations to perform vulnerability analysis in direct response to major incidents
- Maintaining SOC process documentation
- Creating the strategy and providing direction to the Splunk content development team
- Participating in Continuous Improvement activities driven by the project manager
- Coordinating incident response activities across Component SOCs, including providing technical direction and oversight
EDUCATION & EXPERIENCE:
Requires a Bachelor's degree in Computer Science, Engineering, Information Technology, Cyber Security, or a related field and 12 to 15 years of prior relevant experience, or a Master's degree with 10 to 13 years of prior relevant experience.
Must have a Secret clearance with the ability to obtain a minimum of Top Secret/SCI. In addition to specific security clearance requirements, all Department of Homeland Security SOC employees are required to obtain an Entry on Duty (EOD) clearance to support this program.
- 7+ years of relevant experience in a SOC
- Excellent communication and writing skills
- Previous leadership/management experience
- Technical knowledge and experience with one or more of: incident response, malware analysis, packet capture, networking protocols, Splunk, Bluecoat, Cisco, router technology, Remedy, the RSA/Archer product, and/or other related security technologies
- One or more advanced security certifications such as CISSP, CEH, GCIH, or related certifications
- Expertise with the entire Microsoft Office product suite (Excel, PowerPoint, Word)
- Experience in government cyber and/or federal law enforcement; knowledge of the Cyber Kill Chain