The Leidos Cybersecurity Capabilities Organization has an immediate opening for a motivated Endpoint Cyber Operations Analyst to join the Endpoint Cyber Operations team. This position can be supported from Orlando - FL, Gaithersburg - MD, or Reston - VA.
You will join a team of other Endpoint Cyber Operations Analysts in providing steady state cyber operational support across a range of Leidos managed enterprise endpoint security solutions. This role focuses providing extensive support across industry leading cyber security products while enhancing your existing experience defending a Fortune 500 organization. Working closely with the Endpoint Cyber Engineering team, you will be expected to "think like an adversary" and provide analyst-centric input into every phase in the Cyber Defense development process from an endpoint security perspective. Additionally, you will provide written documentation in support of the Endpoint Cyber Operations Standard Operating Procedures (SOPs), and contribute to the technical innovation that will evolve Leidos' defensive capabilities and methodologies.
Primary Responsibilities Include:
- Provide Cyber Operational support for endpoint security solutions (e.g. Anti-Virus, Host Firewall, Forensics based tools, Privilege management, application whitelisting, EDR).
- Manage daily ticket queue and perform rotational on-call responsibilities.
- Provide cyber operational triage support and investigation when applicable.
- Responsible for technical control/policy implementation & enforcement based on inputs received by the Leidos Cybersecurity Intelligence & Response Center (CSIRC), Endpoint Cybersecurity Engineering team, and other internal organizations, leaders, stakeholders where applicable.
- Support change management tasking relative to the security policies associated with the endpoint security solutions that you support.
- Work closely with your team lead/manager to ensure tasks are executed on time.
- Ensure documentation relative to the supported endpoint security products, procedures, services, etc., are written and centrally accessible.
- Create and monitor reporting for compliance.
- Provide assistance in troubleshooting complex problems across the endpoint security solutions.
- Provide inputs back to the Endpoint Cyber Engineering team with the goal of identifying and remediating existing gaps in vendor solutions and platform technologies.
- Collaborate using information and knowledge sharing networks and professional relationships to achieve common goals.
- Take direction & guidance from the endpoint cyber engineering team (and others) and perform other tasks as assigned.
- Bachelor's degree in Computer Science, Computer Engineering, Information technology, or other Cyber Security field from an accredited university and 2-4 years of relevant experience in endpoint security. Additional years of relevant experience will be considered in lieu of Bachelor's degree.
- Experience operating, troubleshooting, and maintaining endpoint security solutions (e.g. Anti-Virus, Host Firewall, Forensics based tools, Privilege management, application whitelisting, EDR, cloud based solutions).
- Ability to write and verbally communicate information security and risk-related concepts effectively to both technical and non-technical audiences.
- Strong problem-solving and analytical skills and demonstrate poise and ability to act calmly and competently in high-pressure, high-stress situations.
- Intermediate to advanced understanding of accepted security practices, troubleshooting issues, attack vectors, and customer support.
- Understanding of Operating Systems and Network Protocols.
- Intermediate to advanced understanding of advanced threat detection in an enterprise environment.
- Intermediate to advanced understanding of malware families, their types, and the threat they pose.
- US Citizenship is required and able to obtain security clearance.
- Knowledgeable of forensic procedures and practices including imaging and memory analytics. Specifically the design, maintenance, and documentation of enterprise forensic capabilities. (Popular commercial products include: EnCase, FTK, and others)
- Understand Windows 10 security best practices and configurations.
- Knowledge of Linux OS hardening.
- Demonstrated experience-performing analysis against cyber threat event data.
- Demonstrated knowledge of common information security management frameworks such as ISO/IEC 27001, ITIL, COBIT and NIST and an understanding of relevant legal and regulatory requirements such as Health Insurance Portability and Accountability Act (HIPAA) and Payment Card Industry/Data Security Standard.
- Functional understanding of scripting languages (Batch, Powershell, Python, VBScript, etc.)
- GIAC GCIA Certification or other cyber security certifications are a plus.
- Experience with Splunk (preferred) or other SIEM platform.
- Experience with Cloud-based information protection and cyber security.
- Eligible to obtain a DoD Secret Security Clearance.
External Referral Bonus:Eligible
Potential for Telework:No
Clearance Level Required:None
Scheduled Weekly Hours:40
Job Family:Systems Administration
Leidos is a Fortune 500® information technology, engineering, and science solutions and services leader working to solve the world's toughest challenges in the defense, intelligence, homeland security, civil, and health markets. The company's 33,000 employees support vital missions for government and commercial customers. Headquartered in Reston, Virginia, Leidos reported annual revenues of approximately $10.19 billion for the fiscal year ended December 28, 2018. For more information, visit www.Leidos.com.
Pay and Benefits
Pay and benefits are fundamental to any career decision. That's why we craft compensation packages that reflect the importance of the work we do for our customers. Employment benefits include competitive compensation, Health and Wellness programs, Income Protection, Paid Leave and Retirement. More details are available here.
Securing Your Data
Leidos will never ask you to provide payment-related information at any part of the employment application process. And Leidos will communicate with you only through emails that are sent from a Leidos.com email address. If you receive an email purporting to be from Leidos that asks for payment-related information or any other personal information, please report the email to [email protected].
Commitment to Diversity
All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law. Leidos will also consider for employment qualified applicants with criminal histories consistent with relevant laws.