JFHQ-DODIN is a component command of USCYBERCOM, and is aligned with the Secure, Operate, and Defend the DODIN mission area. JFHQ-DODIN executes Command and Control (C2) of DOD components that conduct DODIN operations and Defensive Cyberspace Operations-Internal Defensive Measures to ensure the DOD has a secure and reliable information infrastructure, and to minimize intrusion attacks.
The Cybersecurity Analyst will work as part of a team in the JFHQ-DODIN Operations Center (JDOC). The analyst will be assigned to an element that will focus on a designated area of operation (AO) within the DOD.
• Obtain and maintain a working knowledge of the current status of Orders issued by JFHQ-DODIN, and subordinate organizations compliance with issued orders
• Provide near real time situational monitoring of an aligned AO to achieve, sustain, and present a near real time situational understanding of the AO’s operational environment. To include:
o tracking ongoing operations, the posture and disposition of friendly forces and adversary activity
o monitoring, consuming and analyzing operational, intelligence, and incident reporting
o monitoring and querying Security Information and Event Management (SIEM) tools (ex. Splunk, ArcSight, McAfee Network Security Manager, etc.) for anomalous activity
• Collect, analyze and distribute Indicators of Compromise (IOC) in support of the development and implementation of DOD countermeasures
• Develop metrics to measure the effectiveness of practices and controls to mitigate threats and vulnerabilities; and develop dashboards that illustrate the effectiveness of risk mitigation over time.
• Coordinate DODIN Operations and Defensive Cyber Operations with DOD cyber components; obtain situation reports, incident response efforts, and obtain information for briefings, presentations, or other situational awareness products used to inform senior leadership
• The analyst must be able to work independently (where required) to achieve day-to-day objectives work and as part of a team
• This is a shift-work position; analyst maybe assigned to a day-shift, swing-shift (afternoon), or mid-shift (overnight); to include potentially weekends and/or holidays.
• Applicant must possess an Active TS/SCI security clearance
• Bachelor's degree in a relevant technical discipline and 6+ years of overall related experience; An additional 4+ years of information technology and/or cyber experience may be substituted in lieu of a degree.
• Experience with Microsoft Office (Outlook, Word, Excel, and PowerPoint) and Share point
• Knowledge of Windows and/or Unix operating systems
• Knowledge of LAN/WAN design and general internetworking technologies
• Knowledge of security principles, approaches, and technologies (Defense-in-Depth)
• Knowledge of IT security architecture and design (firewalls, IDS/IPS, VPN, Endpoint protection)
• Excellent oral and written communication skills
• Experience briefing Senior Leaders
• SIEM Tool Experience
• Knowledge of the DoD Information Assurance Vulnerability Management (IAVM) process
• Knowledge of DOD Cyberspace Operations (JP 3-12)
• Knowledge of the DoD orders process
• Knowledge of DOD’s Cyber Incident Handling Program (CJCSM 6510.01B)
• Knowledge of DODIN Transport (DODI 8010.01)
• Knowledge of Cybersecurity Activities Support to DODIN Operations (DODI 8530.01)
• Familiarity with Joint Reporting Structure guidance (CJCSM 3150.05D, CJCSM 3150.07E)
• Familiarity with conducting risk assessments (NIST SP 800-30 Rev 1, Guide for Conducting Risk Assessments; DODIN Risk Assessment Methodology)
• Familiarity with enhancing trust in email (NIST SP 800-177, Trustworthy Email guidance)
• Working knowledge of DOD Security Technical Implementation Guide (STIG) Viewer
• Working knowledge of Packet Capture (PCAP) and analysis (Noesis, Wireshark)
• Working knowledge of DOD Boundary and SIEM Tools (DISA Enterprise Collaborative Operational Sensor suite JRSS, etc.)
• DoD 8750 certification at IAT level II or higher; Security+ce.
External Referral Bonus:Eligible
Potential for Telework:No
Clearance Level Required:Top Secret/SCI
Scheduled Weekly Hours:40
Job Family:Cyber Security
Leidos is a Fortune 500® information technology, engineering, and science solutions and services leader working to solve the world's toughest challenges in the defense, intelligence, homeland security, civil, and health markets. The company's 33,000 employees support vital missions for government and commercial customers. Headquartered in Reston, Virginia, Leidos reported annual revenues of approximately $10.19 billion for the fiscal year ended December 28, 2018. For more information, visit www.Leidos.com.
Pay and Benefits
Pay and benefits are fundamental to any career decision. That's why we craft compensation packages that reflect the importance of the work we do for our customers. Employment benefits include competitive compensation, Health and Wellness programs, Income Protection, Paid Leave and Retirement. More details are available here.
Securing Your Data
Leidos will never ask you to provide payment-related information at any part of the employment application process. And Leidos will communicate with you only through emails that are sent from a Leidos.com email address. If you receive an email purporting to be from Leidos that asks for payment-related information or any other personal information, please report the email to firstname.lastname@example.org.
Commitment to Diversity
All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law. Leidos will also consider for employment qualified applicants with criminal histories consistent with relevant laws.