Department of Homeland Security (DHS), Security Operations Center (SOC) Support Services is a US Government program responsible to monitor, detect, analyze, mitigate, and respond to cyber threats and adversarial activity on the DHS Enterprise. The DHS SOC has primary responsibility for monitoring and responding to security events and incidents detected at the Trusted Internet Connection (TIC) and Policy Enforcement Point (PEP) and is responsible for directing and coordinating detection and response activities performed by each Component SOC. Direction and coordination are achieved through a new shared DHS incident tracking system and other means of coordination and communication.
The DHS SOC Support Service Program has a critical need for a Vulnerability Assessment Team Analyst. This is a full time funded position based in Washington DC.
PRIMARY RESPONSIBILITIES: (list daily duties and/or specific job responsibilities)
The DHS ESOC is responsible for the Information Security Vulnerability Management Program and internal/external Vulnerability Assessment program. The VAT team will establish a program for use throughout DHS, Completes vulnerability assessments, identifies opportunities for improvement, and Communicates recommended solutions for addressing vulnerabilities.
This position is located at L’Enfant Plaza in Washington, DC.
Information Security Vulnerability Management (ISVM) Program
a. Create and publish security related alerts, bulletins, and notifications to all DHS components based on identified software and hardware vulnerabilities and monitor for compliance.
b. Continuously research emerging threats to the environment in order to disseminate the information to all stakeholders, immediately assess the known environment for presence of the vulnerability, and work with the ESOC and enterprise networking teams to proactively block exploitation within the DHS environment.
c. Vulnerability Tracking
Internal and External Vulnerability Assessment
a. Support ESOC enclave, OneNet, and RTIC through conducting scheduled and ad-hoc vulnerability scanning
b. Employs ad-hoc or emergency VA scanning to support targeted incident investigation, escalation and emergency response to security events in accordance with documented procedures
c. Coordinates with Component security staff to explain findings, provide recommendations on mitigations, and advocate for mitigation of vulnerabilities
d. Conducts, operates, and maintains assessments and the resulting Vulnerability Assessment (VA) data and reports
e. Conducts Host-based and Network Vulnerability Assessments
f. Conducts Database Vulnerability Assessments
g. Conducts Web-based Vulnerability Assessments
Bachelors’ degree from an accredited college in a related discipline, or equivalent experience/combined education, with 2 to 4 years of professional experience; or a Masters with less than 2 years of professional experience.
Must have a Secret Clearance with the ability to get TS/SCI. In addition to specific security clearance requirements, all Department of Homeland Security SOC employees are required to obtain an Entry on Duty (EOD) clearance to support this program.
2 years in Vulnerability Assessment
2 years of professional experience in incident detection and response, malware analysis, or cyber forensics
External Referral Bonus:Ineligible
Potential for Telework:No
Clearance Level Required:None
Scheduled Weekly Hours:40
Job Family:Cyber Operations
Leidos is a Fortune 500® information technology, engineering, and science solutions and services leader working to solve the world's toughest challenges in the defense, intelligence, homeland security, civil, and health markets. The company's 33,000 employees support vital missions for government and commercial customers. Headquartered in Reston, Virginia, Leidos reported annual revenues of approximately $10.19 billion for the fiscal year ended December 28, 2018. For more information, visit www.Leidos.com.
Pay and Benefits
Pay and benefits are fundamental to any career decision. That's why we craft compensation packages that reflect the importance of the work we do for our customers. Employment benefits include competitive compensation, Health and Wellness programs, Income Protection, Paid Leave and Retirement. More details are available here.
Securing Your Data
Leidos will never ask you to provide payment-related information at any part of the employment application process. And Leidos will communicate with you only through emails that are sent from a Leidos.com email address. If you receive an email purporting to be from Leidos that asks for payment-related information or any other personal information, please report the email to [email protected].
Commitment to Diversity
All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law. Leidos will also consider for employment qualified applicants with criminal histories consistent with relevant laws.