Department of Homeland Security (DHS), Security Operations Center (SOC) Support Services is a US Government program responsible to monitor, detect, analyze, mitigate, and respond to cyber threats and adversarial activity on the DHS Enterprise. The DHS SOC has primary responsibility for monitoring and responding to security events and incidents detected at the Trusted Internet Connection (TIC) and Policy Enforcement Point (PEP) and is responsible for directing and coordinating detection and response activities performed by each Component SOC. Direction and coordination are achieved through a new shared DHS incident tracking system and other means of coordination and communication.
The Security Operations Center (SOC) Metrics Analyst will work directly with the SOC Metrics Team Lead and the customer to ensure that effective, measurable Cyber metrics are collected, analyzed, and presented on both and ad hoc and continual basis using the existing infrastructure. The candidate will be responsible for implementing SOC metrics program to ensure the metrics collected are impactful, and assist in driving sound management decisions. The candidate must have a strong background as a Sr. Cybersecurity Analyst supporting 24X7 operations with experience in data security technologies, incident response, forensics, and digital media analysis and process improvement. The candidate should be familiar the Cyber Kill Chain methodology and how to correctly measure its effectiveness.
Propose SOC metrics for government approval. Develop a set of SOC metrics that indicate ESOC and Enterprise SOC staff awareness of the Kill Chain methodology. Develop Implementation Metrics that demonstrate enterprise SOCs are actively using Kill Chain methodology. Develop effectiveness and efficiency SOC metrics. Develop Impact Metrics demonstrating the maturity of enterprise SOCs. Develop a metrics scorecard to display the level of effectiveness of enterprise SOCs. Build dashboards using the ESOC infrastructure to support on-demand metrics representation
The candidate must currently possess or be able to obtain a DHS EOD and be eligible for Top Secret/SCI. Familiar with the management, operational, and technical aspects of IT Security in a complex enterprise environment. Experience operating at a Sr.Analyst in a 24x7 security operations center (SOC) in the areas of Digital Media Analysis, Forensics, Incident Response, or malware reverse engineering.
BS in Computer Science or Information Systems, Industrial Engineering, Business Administration, Business Analysis, Math/Accounting/Finance or related field and 8+ years of work experience in the following areas: designing and producing metrics, KPIs, and data visualizations, creating interactive metrics dashboards using Power BI, Tableau or other data visualization tools, generating reports, charts, and graphs. Advanced level proficiency in Microsoft Excel: ability to write and update complex formulas, build macros, and present numerical data in visual formats such as charts and pivot tables and ability to create presentations and reports. Advanced level proficiency in BI/Data Visualization Tools: ability to write and update existing queries, develop/import data from external sources, develop and generate other objects such as forms and reports. Extensive experience with data requirements, architecture, design, development, deployment, and resource management methodologies and best practices. Significant experience with maintaining, integrating, and preparing complex large data sources and querying/integrating data from databases. High degree of knowledge of the Data and Analytics functional and technical competencies (Business Process, Data Flow, Data Architecture, Technical Design, Development Processes, Code Deployment, Load Testing, DevOps, etc).
Sr. Level security certification is required, e.g. CISSP, GCIH, Tableau Desktop Certified Associate, Tableau Desktop Certified Professional, etc.
Familiarity Splunk and its dashboard capabilities.
Familiarity with Cyber Kill Chain/Intrusion Defensive Chain/Mitre ATT&CK methodologies.
Experience in a SOC environment.
Experience developing Key Performance Indicators.
Experience in gather requirements from customers.
External Referral Bonus:Eligible
Potential for Telework:No
Clearance Level Required:Secret
Scheduled Weekly Hours:40
Job Family:Cyber Security
Leidos is a Fortune 500® information technology, engineering, and science solutions and services leader working to solve the world’s toughest challenges in the defense, intelligence, homeland security, civil, and health markets. The company’s 38,000 employees support vital missions for government and commercial customers. Headquartered in Reston, Va., Leidos reported annual revenues of approximately $11.09 billion for the fiscal year ended January 3, 2020. For more information, visit www.Leidos.com.
Pay and Benefits
Pay and benefits are fundamental to any career decision. That's why we craft compensation packages that reflect the importance of the work we do for our customers. Employment benefits include competitive compensation, Health and Wellness programs, Income Protection, Paid Leave and Retirement. More details are available here.
Securing Your Data
Leidos will never ask you to provide payment-related information at any part of the employment application process. And Leidos will communicate with you only through emails that are sent from a Leidos.com email address. If you receive an email purporting to be from Leidos that asks for payment-related information or any other personal information, please report the email to [email protected].
Commitment to Diversity
All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law. Leidos will also consider for employment qualified applicants with criminal histories consistent with relevant laws.