Leidos has a career opportunity for a Junior Cyber Intrusion Analyst who will be a member of the Network Assurance (NA) Team (DISA GSM-O program) in Pearl Harbor, Hawaii.
This position provides 24x7 cybersecurity monitoring services for Department of Defense networks. This includes performing real-time alert analysis, correlating actionable security events, performing network traffic analysis using raw packet data, and participating in the coordination of resources during the incident response process. Providing computer network defense (CND) reports, trends, responses, mitigations, analysis, and information dissemination. Providing C2 support, situational awareness support, and support of all CND applicable activities within Protect, Detect, Respond, and Sustain.
Perform network traffic analysis utilizing raw packet data, firewall, proxy, net flow, IDS, IPS, HIPS, and custom sensor output, as it pertains to the cyber security of communications networks
Provide limited analysis of incidents for the customers by: determining the incidents nature and formulating responses; Identifying & providing the ability to surge during emergencies; correlating event & incident data; determining possible effects on the DISN, customer networks & other organizations.
Correlate actionable security events from various sources.
Coordinate resources during enterprise incident response efforts.
Review incident and threat intelligence data to develop custom signatures for IDS or other custom detection capabilities.
Understand attack signatures, tactics, techniques and procedures associated with advanced threats.
Develop analytical products fusing enterprise and all-source intelligence.
Interface with Government counterparts, both CONUS & OCONUS, along with Leidos and sub team members.
May conduct malware analysis of attacker tools and reverse engineer attacker encoding protocols.
Monitor the implementation of IAVAs & de-conflict component & information specific IAVA guidance.
Maintain integrity and security of enterprise-wide cyber systems and networks.
Install, configure & monitor CND security-relevant network components.
Bachelor’s Degree and 2+ years of related experience; cyber courses/certifications or DISA customer experience may be substituted in lieu of degree.
DoD-8570 IAT Level II baseline certification (Security+ CE or equivalent).
Must possess a CSSP-Analyst certification within 180 days of your start date.
CND experience (Protect, Detect, Respond and Sustain) within a Computer Incident Response organization.
Hands-on experience analyzing high volumes of logs, network data (e.g. Netflow, Full Packet Capture), and other attack artifacts in support of incident investigations.
Motivated self-starter with strong written and verbal communication skills, and the ability to create complex technical reports on analytic findings.
Experience working with DoD / Government Leaders at all levels.
Must have an active DoD Top Secret security clearance to start on the program.
At least one other IA certification completed, i.e., SSCP, CSIH, GCIA, GCIH or CEH.
Demonstrated understanding of the life cycle of cybersecurity threats, attacks, attack vectors and methods of exploitation with an understanding of intrusion set tactics, techniques and procedures (TTPs).
Experience applying threat and data modeling, advanced data correlation, and statistical analysis to develop alerts, notable events, investigative dashboards, and metrics driven reports.
Understanding of behavioral based threat models, including ATT&CK, Cyber Kill Chain, Diamond Model, etc.
Ability to create, modify, and implement both Snort and YARA signatures
Unix/Linux command line and administrative skills.
Command Line Scripting skills (PERL, python, shell scripting) to automate analysis task.
Demonstrated hands on experience with various static and dynamic malware analysis tools.
Experience analyzing packed and obfuscated code.
Comprehensive understanding of common Windows APIs and ability.
External Referral Bonus:Eligible
Potential for Telework:No
Clearance Level Required:Top Secret
Scheduled Weekly Hours:40
Job Family:Cyber Operations
Leidos is a Fortune 500® information technology, engineering, and science solutions and services leader working to solve the world’s toughest challenges in the defense, intelligence, homeland security, civil, and health markets. The company’s 40,000 employees support vital missions for government and commercial customers. Headquartered in Reston, Virginia, Leidos reported annual revenues of approximately $12.30 billion for the fiscal year ended January 1, 2021. For more information, visit www.Leidos.com.
Pay and Benefits
Pay and benefits are fundamental to any career decision. That's why we craft compensation packages that reflect the importance of the work we do for our customers. Employment benefits include competitive compensation, Health and Wellness programs, Income Protection, Paid Leave and Retirement. More details are available here.
Securing Your Data
Leidos will never ask you to provide payment-related information at any part of the employment application process. And Leidos will communicate with you only through emails that are sent from a Leidos.com email address. If you receive an email purporting to be from Leidos that asks for payment-related information or any other personal information, please report the email to [email protected].
Commitment to Diversity
All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law. Leidos will also consider for employment qualified applicants with criminal histories consistent with relevant laws.