Department of Homeland Security (DHS), Security Operations Center (SOC) Support Services is a US Government program responsible to monitor, detect, analyze, mitigate, and respond to cyber threats and adversarial activity on the DHS Enterprise. The DHS SOC has primary responsibility for monitoring and responding to security events and incidents detected at the Trusted Internet Connection (TIC) and Policy Enforcement Point (PEP) and is responsible for directing and coordinating detection and response activities performed by each Component SOC. Direction and coordination are achieved through a new shared DHS incident tracking system and other means of coordination and communication.
The DHS SOC Support Service Contract has a need for a Tier 1 Cyber Threat Analyst. This is a full time funded position based in Bluemont, VA (Mount Weather). This position does not have Telecommuting Options.
The ideal candidate will have a basic understanding of cyber threats, information security, and monitoring and detection. The candidate must be familiar with TCP/IP ports and protocols, intrusion detection systems, and netflow analysis.
Duties and Responsibilities:
Perform network security monitoring and detection. Proactively searching for threats. Inspect traffic for anomalies and new malware patterns. Investigate and analyze logs. Investigate and analyze longs. Provide analysis and response to alerts, and document activity in SOC investigations and Security Event Notifications (SENs).
EDUCATION & EXPERIENCE:
Requires BS degree and 2 – 4 years of relevant experience or Masters with less than 2 years of relevant experience or additional years of experience and cyber certifications may be considered in lieu of degree.
Minimum of a current Secret Clearance with the ability to obtain TS/SCI
In addition to specific clearance requirements all Department of Homeland Security SOC employees are required to obtain an Entry on Duty (EOD) clearance to support this program.
- Tier 1 analyst candidates shall have a minimum of one (1) year professional experience in network or UNIX/Linux system administration, software engineering, software development, and/or a bachelor’s degree in Computer Science, Engineering, Information Technology, Cybersecurity, or related field
- Knowledge of TCP/UDP/IP networking
- familiarity with packet analysis tools such as Wireshark
- General understanding of network tools (firewall, IDS/IPS, Web Proxy, etc)
- Perform problem solving
- Familiar with common attack vectors
- Experience with Splunk Enterprise Search and Splunk Enterprise Security
- Understanding of APT
- Familiar with security process and methodologies (Cyber Kill Chain, MITRE ATT&CK, Diamond Model)
- Experienced with basic scripting/programming (e.g. Python, Powershell, etc)
Must have at least one of the following certifications:
- Comptia: Security+, Linux+, Network+, Cloud+
- SANS GIAC: GCED, GCIA, GCFA, GPEN, GWAPT, GCFE, GREM, GXPN, GMON or GCIH ISC2 CCFP, CCSP, CISSP CERT CSIH
- EC Council: CEH, CHFI, LPT, ECSA
- Offensive Security: OSCP, OSCE, OSWP
- OSEE EnCase: EnCE
- IR Carnegie Mellon: CCSIH"
Front Days: Sunday – Tuesday 7am – 7pm and alternating 8 hours on Wednesdays
Back Days: Thursday – Saturday 7am – 7pm and alternating 8 hours on Wednesdays
Back Nights: Sunday - Tuesday 7pm - 7am and alternating 8 hours on Wednesdays
Back Nights: Thursday – Saturday 7pm – 7am and alternating 8 hours on Wednesdays
External Referral Bonus:Eligible
Potential for Telework:No
Clearance Level Required:Secret
Scheduled Weekly Hours:40
Shift:24/7 12 Hour Shift Pattern
Job Family:Cyber Security
Leidos is a Fortune 500® information technology, engineering, and science solutions and services leader working to solve the world's toughest challenges in the defense, intelligence, homeland security, civil, and health markets. The company's 33,000 employees support vital missions for government and commercial customers. Headquartered in Reston, Virginia, Leidos reported annual revenues of approximately $10.19 billion for the fiscal year ended December 28, 2018. For more information, visit www.Leidos.com.
Pay and Benefits
Pay and benefits are fundamental to any career decision. That's why we craft compensation packages that reflect the importance of the work we do for our customers. Employment benefits include competitive compensation, Health and Wellness programs, Income Protection, Paid Leave and Retirement. More details are available here.
Securing Your Data
Leidos will never ask you to provide payment-related information at any part of the employment application process. And Leidos will communicate with you only through emails that are sent from a Leidos.com email address. If you receive an email purporting to be from Leidos that asks for payment-related information or any other personal information, please report the email to [email protected].
Commitment to Diversity
All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law. Leidos will also consider for employment qualified applicants with criminal histories consistent with relevant laws.