No two career paths will ever look the same. At Leidos, we know the most talented and diverse IT and cyber security professionals will always have a multitude of career choices; your time at Leidos will be a wise investment in your career and in yourself. We welcome your perspective and ideas, in order to foster collaboration and deliver world-class solutions. We look for solutions that not only transform businesses, but change the world.
Department of Homeland Security (DHS), Federal Emergency Management Agency (FEMA) GRC is a US Government program responsible to prevent, identify, contain and eradicate cyber threats to FEMA networks through monitoring, vulnerability analysis, security control assessments, and risk management services to FEMA information systems including local area networks/wide area networks (LAN/WAN), commercial Internet connection, public facing websites, wireless, mobile/cellular, cloud, security devices, servers and workstations. The FEMA is responsible for the overall security of FEMA Enterprise-wide information systems, and collects, investigates and reports any suspected and confirmed security violations.
The DHS FEMA Program has a critical need for Cyber Security Subject Matter Experts (SME) . This is a full time position based in Washington, DC.
Duties may include identifying and investigating system vulnerabilities to provide critical feedback on the type and extent of security controls needed to support both the security and risk management plans, reviewing and assessing current security controls to determine efficacy of planned installation or implementation, and assessing the integration of future security controls to support growth in network and system architecture. Duties may also include conducting risk assessments, identifying individual system risk acceptance and tolerance criteria, presenting risk analysis and reporting data, and supporting the integration and management of the security and risk management plans to meet authorization criteria for acceptable network connection standards.
In addition, the SME will lead and mentor other GRC Support Staff and will communicate with executive leadership regarding matters of significant importance to the DHS FEMA Program.
The SME should have expertise in at least one of the following specialized areas: - Certification & Accreditation - Risk Management - Network/Information System Security Controls - Monitoring and detection - Vulnerability assessment and pen test - Information Systems Security Operations and Management. Support Cyber intelligence analysis processing community reporting, conduct link analysis, and collaborate with other Government cyber fusion teams. Publish intelligence products to inform network defenders about risk activities, new security control and vulnerability analysis methods, among other topics of interest.
EDUCATION & EXPERIENCE:
Requires Bachelors Degree in Computer Science, Engineering, Information Technology, Cyber Security, or related field and 12 to 15 years of prior relevant experience or Masters with 10 to 13 years of prior relevant experience. May possess a Doctorate in technical domain. Prior relevant experience should be in the areas of cyber security.
Minimum of current Secret clearance with ability to obtain TS/SCI Clearance. In addition to specific security clearance requirements all Department of Homeland Security employees are required to obtain an Entry on Duty (EOD) clearance to support this program.
In addition, minimum of 7 years of specialized experience in one or more of the following areas:
Certification & Accreditation
Digital media forensic
Information Systems Risk Management
Cyber intelligence analysis
Should have at least one of the following certifications:
SANS GIAC: GCED, GCIA, GCFA, GPEN, GWAPT, GCFE, GREM, GXPN, GMON or GCIH ISC2 CCFP, CCSP, CISSP CERT CSIH EC Council: CHFI, LPT, ECSA, Offensive Security: OSCP, OSCE, OSWP and OSEE EnCase: EnCE DOD 8570: IAT L3, CNDSP Analyst or IR Carnegie Mellon: CCSIH"
Extensive experience analyzing and synthesizing information with other relevant data sources, providing guidance and mentorship to others in cyber threat analysis and operations, evaluating, interpreting, and integrating all sources of information, and fusing computer network attack analyses with counterintelligence and law enforcement investigations.
Experience in cyber government, and/or federal law enforcement. Cyber Kill Chain knowledge.