The Government Health and Safety Operation has an opening for a Cyber Operations/Vulnerability Analyst to support a large healthcare contract in Baltimore.
This position is for a Cyber Operations\Vulnerability Analyst working with a team of Information Security professionals supporting the Centers for Medicare and Medicaid Services (CMS). This Team is responsible for the installation, administration, and monitoring of a diverse suite of security tools within multiple datacenters, as well as incident response, investigations and audit support.
The Analyst will support various security initiatives, one of which will include supporting Tenable Security Center. The Analyst must work with different support teams, business process teams and program management teams to analyze customer's objectives, needs, and general business environment to solve technical problems.
The position requires an individual with a record of success as a team member and motivator. Candidate must be a self-starter, a disciplined worker and have a professional reputation for integrity. Ability to adhere to the highest standards of ethics and professional conduct are an absolute must.
The current work environment is on-site at Leidos in Windsor Mill / Woodlawn, Maryland (currently remote due to COVID-19 restrictions) with potential for on-site work at CMS (in the same location). Telecommute opportunities are currently being evaluated and may become available based upon teams supported, work hours, and work performance.
A successful candidate will:
Possess a BS degree or equivalent and 2-4 years of prior relevant experience, or a Masters with less than 2 years. Experience may be substituted in lieu of degree.
- Support the operations and maintenance of Tenable Security Center, as well as other Information Security Systems that support the objectives of the Customer
- Analyze vulnerability information obtained from Security Center or other security tools to determine exposure to threats and engage appropriate Functional Teams to provide necessary response
- Oversee the planning and execution operational changes, support enhancements, decommissions and maintenance to meet contractual needs
- Develop dashboards and reports to provide key stakeholders with security posture and status
- Perform work assigned by management and team lead with a customer focus approach and an ability to work as part of a cross functional team.
- Recommend processes, services, software, hardware, and other tools to support business objectives pertinent to infrastructure technologies
- Provide security operations oversight and champion industry best practices.
- Provide problem identification, escalation and resolution of system performance, hardware, software application, and security issues
- Strong familiarity with NIST SP800-53
The candidate must be a self-starter, a disciplined worker and have a professional reputation for integrity. The ability to adhere to the highest standards of ethics and professional conduct are an absolute must. The position requires an individual with a record of success as a team member and motivator.
- Strong background maintaining Nessus Security Center in a large distributed environment.
- An in-depth understanding of computer\network security concepts, and experience in an IP-based enterprise network environment
- Strong troubleshooting skills specific to network security and ability to effectively work in cross functional teams as needed to resolve issues
- Must have the ability to analyze information from multiple sources and apply it to the operational environment in developing and maintaining the security posture of the network
- Must have the ability to work independently on multiple tasks.
- Process\Procedure\SOP development
- Experience with configuration management system
- Strong verbal\written communication, with ability to effectively interact with individuals at all levels of responsibility and authority
- Strong organizational skills and ability to multitask
- Experience concurrently supporting Operations and Ongoing IT projects
- CISSP or other security related certification
- Strong knowledge of various security tools and techniques
- Proven ability to troubleshoot complex security issues related to hardware, L3\L2 deployment, application behaviors and TCP stack
- Knowledge of one or more scripting languages, Python preferred
- Experience with system automation, specifically related to security controls verification and reporting. Automation a plus
- Experience with infrastructure and server operations; application infrastructure and standards; networking fundamentals; Virtualization Technologies (e.g. VMware, HyperV, KVM) and LAN/WAN/Firewall/VPN/Proxy network technologies
- Understanding of COTS integration and Software Development Methodologies
- Experience in R&D projects, innovation, and strategy
- Project Management skills/background
- Understanding of ITIL Service Management, Service Delivery
- Hands on experience with ServiceNow CMDB and System of Record system.
All candidates supporting the CMS programs must have lived in the United States at least three (3) out of the last five (5) years prior in order to be considered.
External Referral Bonus:Eligible
External Referral Bonus $:2000
Potential for Telework:Yes, 50%
Clearance Level Required:Public Trust
Scheduled Weekly Hours:40
Job Family:Cyber Operations
Leidos is a Fortune 500® information technology, engineering, and science solutions and services leader working to solve the world’s toughest challenges in the defense, intelligence, homeland security, civil, and health markets. The company’s 40,000 employees support vital missions for government and commercial customers. Headquartered in Reston, Virginia, Leidos reported annual revenues of approximately $12.30 billion for the fiscal year ended January 1, 2021. For more information, visit www.Leidos.com.
Pay and Benefits
Pay and benefits are fundamental to any career decision. That's why we craft compensation packages that reflect the importance of the work we do for our customers. Employment benefits include competitive compensation, Health and Wellness programs, Income Protection, Paid Leave and Retirement. More details are available here.
Securing Your Data
Leidos will never ask you to provide payment-related information at any part of the employment application process. And Leidos will communicate with you only through emails that are sent from a Leidos.com email address. If you receive an email purporting to be from Leidos that asks for payment-related information or any other personal information, please report the email to [email protected].
Commitment to Diversity
All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law. Leidos will also consider for employment qualified applicants with criminal histories consistent with relevant laws.