The Leidos Computer Information Security (CIS) team is seeking an Endpoint Cyber Operations Analyst
You will join a team of other Endpoint Cyber Operations Analysts in providing day to day operational support across a range of Leidos managed enterprise endpoint security solutions. This role focuses on learning to support & maintain industry leading cyber security products while gaining experience defending a Fortune 500 organization. Working closely with the Endpoint Cybersecurity Engineering team, you will be expected to "think like an adversary" and provide analyst-centric input into every phase in the Cyber Defense development process from an endpoint security perspective. Additionally, you will provide written documentation in support of the Endpoint Cybersecurity Operations standard operating procedures (SOPs), and contribute to the technical innovation that will evolve Leidos' defensive capabilities and methodologies.
Please note: This position can be supported from Orlando – FL, Reston – VA, Gaithersburg – MD, or telework for the right candidate.
- Daily ticket queue management.
- Operational support & maintenance for endpoint security solutions (e.g. Anti-Virus, Host Firewall, Forensics based tools, Privilege management, application whitelisting, EDR).
- Rotational on-call responsibilities.
- Technical control implementation & enforcement based on inputs received by the Leidos Cybersecurity Intelligence & Response Center (CSIRC), Endpoint Cybersecurity Engineering team, and other internal organizations, leaders, stakeholders where applicable.
- Support change management tasking relative to the security policies associated with the endpoint security solutions that you support.
- Work closely with your team lead\manager to ensure tasks are executed on time.
- Ensure documentation relative to the supported endpoint security products, procedures, services, etc., are written and centrally accessible.
- Create and monitor reporting for compliance.
- Provide assistance in troubleshooting complex problems across the endpoint security solutions.
- Provide inputs back to the Endpoint Cybersecurity Engineering team with the goal of identifying and remediating existing gaps in vendor solutions and platform technologies.
- Collaborate using information and knowledge sharing networks and professional relationships to achieve common goals.
- Take direction & guidance from the endpoint cybersecurity engineering team (and others) and perform other tasks as assigned.
- Ability to write and verbally communicate information security and risk-related concepts effectively to both technical and non-technical audiences.
- Strong problem-solving and analytical skills and demonstrate poise and ability to act calmly and competently in high-pressure, high-stress situations.
- Fundamental understanding of accepted security practices, troubleshooting issues, attack vectors, and customer support.
- Understanding of Operating Systems and Network Protocols.
- Foundational understanding of advanced threat detection in an enterprise environment.
- Foundational understanding of malware families, their types, and the threat they pose
- US Citizenship is required.
- B.S in Computer Science, Computer Engineering, Information technology, or other Cyber Security field from an accredited university. Additional years of relevant experience or technology certifications may be considered in lieu of degree. This should include 2 – 4 years of endpoint security experience.
- Experience operating, troubleshooting, and maintaining endpoint security solutions (e.g. Anti-Virus, Host Firewall, Forensics based tools, Privilege management, application whitelisting, EDR, cloud based solutions).
- Knowledgeable of forensic procedures and practices including imaging and memory analytics. Specifically the design, maintenance, and documentation of enterprise forensic capabilities. (Popular commercial products include: EnCase, FTK, and others)
- Windows 10 security best practices and configurations.
- Linux System Administration experience or experience with Linux OS hardening.
- Proficiency with Microsoft Windows administrative & troubleshooting tools.
- Demonstrated experience performing cybersecurity analysis from an operators point-of-view
- Demonstrated knowledge of common information security management frameworks such as ISO/IEC 27001, ITIL, COBIT and NIST and an understanding of relevant legal and regulatory requirements such as Health Insurance Portability and Accountability Act (HIPAA) and Payment Card Industry/Data Security Standard.
- Functional understanding of scripting languages (Batch, Powershell, Python, VBScript, etc.)
- GIAC GCIA Certification or other cyber security certifications are a plus.
- Experience with Splunk (preferred) or other SIEM platform.
- Experience with Cloud-based information protection and cyber security.
- Eligible to obtain a DoD Secret Security Clearance.
External Referral Bonus:Eligible
Potential for Telework:Yes, 100%
Clearance Level Required:None
Travel:Yes, 10% of the time
Scheduled Weekly Hours:40
Job Family:Systems Administration
Leidos is a Fortune 500® information technology, engineering, and science solutions and services leader working to solve the world’s toughest challenges in the defense, intelligence, homeland security, civil, and health markets. The company’s 38,000 employees support vital missions for government and commercial customers. Headquartered in Reston, Va., Leidos reported annual revenues of approximately $11.09 billion for the fiscal year ended January 3, 2020. For more information, visit www.Leidos.com.
Pay and Benefits
Pay and benefits are fundamental to any career decision. That's why we craft compensation packages that reflect the importance of the work we do for our customers. Employment benefits include competitive compensation, Health and Wellness programs, Income Protection, Paid Leave and Retirement. More details are available here.
Securing Your Data
Leidos will never ask you to provide payment-related information at any part of the employment application process. And Leidos will communicate with you only through emails that are sent from a Leidos.com email address. If you receive an email purporting to be from Leidos that asks for payment-related information or any other personal information, please report the email to [email protected].
Commitment to Diversity
All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law. Leidos will also consider for employment qualified applicants with criminal histories consistent with relevant laws.