Leidos Enterprise & Cyber Solutions Defense Team is seeking a SOC Lead in either Vicksburg, MS, Hillsboro, OR, or Seatle WA. Periodic telework is available. An active DOD Secret clearance is required and you must be eligible to obtain TS/SCI.
In this role you will lead the Security Operation Center team and carry out related managerial duties. You will function as a Technical Subject Matter Expert who leads security configuration of CheckPoint firewalls, Cisco ASA firewalls, Palo Alto Firewall/IDPS, Sourcefire, Bluecat IPAM, FPCAP and similar network and cyber security technologies.
You Will be responsible for guiding the team in identifying, developing, implementing, and continuous monitoring of information technology hardware and software secure configurations within an enterprise architecture construct. You will directly interact and support ACE-IT SOC, CIRT and Engineering proponents to validate that DoD, Army, and DISA mandated IA and cyber security guidelines are integrated into the ACE-IT architecture on the principles of Defense in Depth as well as continuous sustainment of real-time risk management and vulnerability assessment. Tasking includes but is not limited to secure baseline identification and validation, vulnerability and threat assessment, and security model architecture and design validation, enforcement of cyber policy and standards, and internal auditing for cyber security compliance.
• Leads the technical team
• Configure, deploy and manage network and cyber security platforms
• Integrate within SOC and Engineering teams to consult on Cyber/IA projects, tasks, and IA requests directed to these teams
• Support, as needed, SA, VMSA, and NA Vulnerability Remediation Efforts by assisting in the gathering of remediation guidance from internal reporting, Vendors, US Cybercom, CERT, etc.
• Review, monitor, and assist in the enforcement of DISA STIG compliance of all ACE-IT network devices
• Support CIRT assigned SOC incidents as needed
• Help identify and improve SOC/CIRT processes and procedures
• Ensure IT infrastructure devices logs are captured within ArcSight and assist in monitoring log files
Bachelors Degree from an accredited university/college in Computer Science, Information Technology, Science, Mathematics or related field and 10 to 16 years of prior relevant experience or Masters with 7 to 12 years of prior relevant experience. Previous USACE experience preferred.
Must possess current/active Secret Clearance and be eligible for TS/SCI
Demonstrated experience in Network security, Information Assurance/Information System Security Engineering
Experience with Defense in Depth principles and technology including access/control, authorization, Identification and authentication, public key infrastructure, network, and enterprise security architecture
Experience with DISA STIG and SRR compliance test and verification
Experience with DoD and Army Information Security regulations, publications, and policy
Must hold current DOD 8570 IAT III certification (CISSP, CASP etc)
Must hold current Computing Environment certification (CCNP, JNCIP, PCNSE preferred) CCNA, PCNSA, JNCIA/JNCIS also acceptable.
• Cisco Routers, Cisco Switches
• Firewalls: Cisco ASA, Checkpoint, Palo Alto
• IDPS: FireEye, Sourcefire, Snort
• Bluecat IPAM, Solera FPCAP
Server & Operating Systems / Software
Windows and Linux system administration, Windows Server, Windows/Powershell Scripting, Cisco IOS, Nessus