This Incident Handler Senior is responsible for the full lifecycle of security incidents involving enterprise systems. The individual will work as part of a team to analyze, correlate, and report on security incidents. When required they will be responsible for assigned remediation tasks and reporting status for the remainder of the lifecycle of the incident. The individual in this position will work with team to create new use cases as the threat terrain evolves and develop processes to respond to the new emerging threats.
Manages and responds to computer security incidents through detection, investigation, analysis, remediation, and reporting of cybersecurity incidents in a timely manner with high quality.
Familiar with standard DoD endpoint cybersecurity systems, such as HBSS, ESS, VSE, ENS, Tanium and Microsoft Defender.
Use SIEM to analyze EDR, OS, and firewall logs, Full Packet Capture (PCAP), SIEM alerts, Anti-malware alerts, Host Intrusion Prevent/Detection System (HIP/DS), and server and application logs to investigate events and incidents for anomalous activity and produce reports of findings.
Coordinates with other teams within the Security Operations Center to improve the overall security posture through obtaining the knowledge of the enterprise systems, and to ensure the timely dissemination of security information to the appropriate stakeholders.
Participate regularly in working group sessions, to include idea generation for new content rules for security alerting and reduction of false positives. Collaborate across organizational lines and develop depth in your desired cyber discipline and/or technologies.
Plan, design, and evaluate various components of a networked system *Provide advanced technical analyses of network challenges and problems and be able to develop/implement technical solutions.
Conduct analysis of malicious events and know exploits/vulnerabilities for the creation of custom signature rule sets for the accompanying modules, as necessary.
Bachelor’ Degree and eight (8) years of information technology (IT) relevant experience.
Active Secret clearance with the ability to be approved for a TS/SCI clearance.
Strong analytical and troubleshooting skills.
Highly developed customer service ethic, coupled with a drive to deliver exceptional customer experience.
Possess a high degree of tack, diplomacy and professionalism when dealing with all types of clientele.
Certified in accordance with DoD 8570.01-M Information Assurance Technician (IAT) Level II (IAT II).
U.S. citizen with a DoD Secret security clearance or higher.
Prior Navy NGEN or Marine Corps MCEN experience
ECC CEH (Electronic Commerce Council Certified Ethical Hacker)
Information Technology Infrastructure Library (ITIL) certifications a strong plus
Experience tracking incidents against a framework such as MITRE ATT&CK or Cyber Kill Chain methodology
External Referral Bonus:Ineligible
Potential for Telework:Yes, 100%
Clearance Level Required:Secret
Travel:Yes, 10% of the time
Scheduled Weekly Hours:40
Job Family:Cyber Operations
Leidos is a Fortune 500® information technology, engineering, and science solutions and services leader working to solve the world’s toughest challenges in the defense, intelligence, homeland security, civil, and health markets. The company’s 38,000 employees support vital missions for government and commercial customers. Headquartered in Reston, Va., Leidos reported annual revenues of approximately $11.09 billion for the fiscal year ended January 3, 2020. For more information, visit www.Leidos.com.
Pay and Benefits
Pay and benefits are fundamental to any career decision. That's why we craft compensation packages that reflect the importance of the work we do for our customers. Employment benefits include competitive compensation, Health and Wellness programs, Income Protection, Paid Leave and Retirement. More details are available here.
Securing Your Data
Leidos will never ask you to provide payment-related information at any part of the employment application process. And Leidos will communicate with you only through emails that are sent from a Leidos.com email address. If you receive an email purporting to be from Leidos that asks for payment-related information or any other personal information, please report the email to [email protected].
Commitment to Diversity
All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law. Leidos will also consider for employment qualified applicants with criminal histories consistent with relevant laws.