The Defense Group of Leidos has an opening for a Cyber Security Analyst to support JFHQ-DODIN as part of the Global Information Grid (GIG) Service Management-Operations (GSM-O) contract at Ft. Meade, MD .
The Cyber Security Analyst will execute in real time, in accordance with mission requirements, incident handling, triage of events, network analysis and threat detection, trend analysis, metric development, vulnerability information dissemination, and the DoD CNDSP methodology.
The candidate will support GSMO Task Order 30
- Centrally coordinate and/or recommend CND operations that impact more than one DoD Component.
- Provide Defense-wide situational awareness and attack sensing and warning through fusion, analysis and coordinated information flows.
- De-conflict Vulnerability Analysis and Assessments (VAA) and Red Teaming with CND operations, and recommend changes to in progress or planned VAAs that may negatively impact CND operations.
- Monitor the DoDIN for IAVA compliance and assess impact on defense of DoD computer networks.
- Develop a coordinated curriculum for CND education training, awareness, professionalization, and ensure the implementation of the curriculum throughout the CNDS certification and accreditation process.
- Ensure that all Computer Network Defense Service (CNDS) providers have continuous information exchange and work together in synchrony, i.e., simultaneously execute a single prescribed Course of Action (COA) and that at any given time, a new COA can override the existing one. Coordination among CNDS providers is primarily effected through the CNDS Certification Authorities (CNDS/CAs) on behalf and under the direction of the USCYBERCOM.
- Recommend Information Operations Conditions (INFOCON) changes in response to unauthorized activity (e.g., computer network attacks, computer network exploitation, system misuse), and to mitigate potential damage to DoD information systems and computer networks.
- Active DoD TS/SCI clearance and eligible for Polygraph
- Bachelor's Degree w/ 5 years of related experience
- Previous tools experience working with ArcSight, Splunk, PCAP, JIMS or equivalent toolsets.
- Technical understanding in some of the following areas: network communication using TCP/IP protocols, basic system administration, basic understanding of malware (malware communication installation, or malware types), or intermediate knowledge of computer network defense operations (proxy, firewall, IDS/IPS, router/switch, or open source information collection)
- Experience in an Operations Center providing Senior Leaders specified reports based on information received from supporting units.
- Have working knowledge of threat and vulnerability analysis, routing protocols, routing, intrusion detection systems, intrusion protection systems, Domain Name Service, or network traffic analysis.
- Critical/logical thinking skills
- Experience working with the Intelligence Community and priority intelligence requirements
- Advanced communications and presentations skills (verbal and written) enabling precise conveyance of information across all CC/S/A/FA with command and proper enunciation of the English language
- DoD 8570 Requirements
- ITIL v3 Foundation certified
External Referral Eligible