Job Requisition:Sr. Cyber Security Specialist
Leidos currently has an opening for a Sr. Cyber Security Specialist who will work from the Department of Veteran Affairs facility in Austin, TX. This position is onsite with no remote ability. Scheduled hours are Monday – Friday 8:00am – 4:30pm.
This is an exciting opportunity to use your experience helping the IOSS mission. The mission of the Department of Veterans Affairs (VA), Office of Information & Technology (OI&T), Information Technology (IT) Operations and Services (ITOPS), Infrastructure Operations (IO) is to support One VA world-class service to Veterans and their families by delivering results-oriented, secure, highly available, and cost-effective information technology services. IO support helps to provide critical services focusing on consistent availability of Veteran-facing applications and quick delivery of benefits for Veterans
- The Cyber Security Specialist will support services within the ITOPS IO Security Management Division. This division is charged with establishing a centralized security program to address security with ITOPS IO’s projects.
- Assessments and compliance activities using central managed vulnerability scan engines to perform operating systems, network devices, databases and applications assessments.
- Perform collection and analysis of all operating systems logs, network device logs, network flows, intrusion prevention and intrusion detection, vulnerability assessment, network firewall, web application firewall and virtual environment logs and provide centralized correlation, alerting, log archiving, asset discovery and behavior analysis configuration using an IBM QRadar Security Information and Event Manager (SIEM) or equivalent.
- Real-time network and system protection, detection and log analysis using Sourcefire Intrusion Prevention System/Intrusion Detection System (IPS/IDS) or equivalent sensors centrally managed with Sourcefire Defense Center console or equivalent providing network awareness and vulnerability intelligence.
- Web application vulnerability assessments and reporting using web application assessment software, which also provides web application security intelligence to the Web Application Firewall solution.
- Real-time web application protection against SQL injection attacks, malicious bots, zero-day attacks, data loss and defacement protection and any other Web Application attacks that exist including Payment Card Industry Data Security Standard (PCI DSS) compliance using Web Application Firewall technology. PCI compliance and reporting is performed by VA.
- End user device threat containment and access control to ensure VA security policies and restrictions in the Information Technology Center network using Network Access Control technology are adhered.
- Network and system malware protection, detection and log analysis using Malware Protection System.
- Prepare and conduct status briefings and resolve issues in support of senior managers and VA leadership upon request from COR/VA PMs.
- Review and maintain Standard Operating Procedures for the Intrusion Prevention Systems Intrusion Detection Systems (IPS/IDS), Security Information and Event Manager (SIEM), Vulnerability assessments using Tenable Security Center or equivalent, Incident Response, Web Application Firewall (WAF), VMware or equivalent, Network Admission Control Systems (NAC), Malware Protection System (MPS) and any other ITOPS IO Technical Security activities and processes that may need SOP’s reviewed and maintained.
- Bachelor’s Degree in computer science, electronics engineering or other engineering or technical discipline plus 10 years of experience is required or Masters with 6 years of experience.
- US Citizen with the ability to obtain Public Trust Clearance
- At least two years of insider threat experience and user behavior analysis (UBA), or high-tech investigation program experience.
- Experience configuring and utilizing user and/or entity behavior analytics (UBA/UEBA) platforms (preferably QRadar UBA).
- Advanced understanding of enterprise networking concepts and protocols.
- Knowledge of mainstream desktop/server operating systems (UNIX, Windows, OSX, Linux)
- Excellent written and oral communication skills.
- Advanced knowledge and experience using QRadar
- Experience with analysis of security events from multiple sources including but not limited to events from Security Information Monitoring (SIEM) tools, network and host based intrusion detection systems, firewall logs, system logs (Unix and Windows), mainframes, mid-range, applications, and databases.
- Comprehensive understanding of adversarial exploitation, privilege escalation, persistence, and lateral movement techniques.
- Knowledge of cloud computing platforms including Amazon Web Services (AWS) and Azure
External Referral Bonus:Eligible
Potential for Telework:No
Clearance Level Required:Public Trust
Scheduled Weekly Hours:40
Job Family:Cyber Security1000Health
Leidos is a Fortune 500® information technology, engineering, and science solutions and services leader working to solve the world's toughest challenges in the defense, intelligence, homeland security, civil, and health markets. The company's 33,000 employees support vital missions for government and commercial customers. Headquartered in Reston, Virginia, Leidos reported annual revenues of approximately $10.19 billion for the fiscal year ended December 28, 2018. For more information, visit www.Leidos.com.
Pay and benefits are fundamental to any career decision. That's why we craft compensation packages that reflect the importance of the work we do for our customers. Employment benefits include competitive compensation, Health and Wellness programs, Income Protection, Paid Leave and Retirement. More details are available here.
Leidos will never ask you to provide payment-related information at any part of the employment application process. And Leidos will communicate with you only through emails that are sent from a Leidos.com email address. If you receive an email purporting to be from Leidos that asks for payment-related information or any other personal information, please report the email to firstname.lastname@example.org.
All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law. Leidos will also consider for employment qualified applicants with criminal histories consistent with relevant laws.