In this role as a Cyber Security Analyst, the individual provides technical and programmatic Cyber Security Services to internal and external customers in support of network and information security systems. The role designs, evaluates, develops and implements security requirements as part of an Agile team. Assists the ISSOs with preparing documentation for RMF (Risk Management Framework). Responsible for analyzing and developing test procedures and contingency plans as part of the assessment and authorization (A&A) process. Conducts/Perform complex risk and vulnerability assessments including development of risk mitigation strategies. Recommends system enhancements to improve security deficiencies. Develops, tests, and integrates/automates security tools. Assess system configurations and installs security tools, scans systems to determine compliancy and report results and evaluates products and various aspects of system administration. Conducts and evaluates security program audits and develops solutions to minimize identified risks. Aids in computer incident investigations and evaluations.
· Operating in a command-line environment
· Familiarity and/or experience performing cyber threat analysis based on Indicators of Compromise (IOCs)
· Experience performing open source analysis for cyber event correlation, data enrichment, and threat hunting
· An understanding of Advanced Persistent Threat (APT) cyber activity with an understanding of common intrusion set tactics, techniques, and procedures (TTPs)
· Technical education (formal or informal) on network communication, net-defense, and common attack techniques
· Ability to perform data analysis, aggregation, event correlation
· Writing ability to author various types of cyber threat products tailored to computer network defenders
· Very high attention to detail and desire to learn and contribute
· Demonstrated motivation to maintain awareness of current cybersecurity and threat intelligence news and trends
· Work with multiple operating systems relevant to our customer environments (Windows, Mac, Linux) and the similarities and differences in network traffic generated in each.
· Work with basic security concepts and terminology such as the CIA triad, industry best practices, risk, vulnerability, threat, attack vectors, encryption, encoding, and various types of threat actors.
· Process IDS alerts and identifying incidents and events in customer data.
· Conduct packet level analysis using tcpdump or Wireshark on the session and surrounding traffic of an IDS alert.
· Perform basic IDS (Snort, Suricata, Bro/Zeek, etc.) rule creation and tuning based on indicators in network traffic.
· Writing incident reports, process documentation, and interact with customer.
EDUCATION & EXPERIENCE:
Candidate must have a BS with 8-12 years of prior relevant experience or (in Computer Science, Engineering, Information Technology, System Administration, Cyber Security). Will consider work experience in lieu of a degree.
CISSP and/or ISSEP Certification a plus.
• Active TS/SCI with Polygraph
• Eight or more years of information assurance and cyber security engineering experience
• Can work independently of direct supervision
• Ability to build strong customer relationships
• Five or more years of information assurance and cyber security engineering experience
• Experience with the Risk Management Framework (RMF) and ICD 503 Security Accreditation processes.
• Experienced with various security tools and processes such as Splunk, Nessus Security Center, Appdetective, WebInspect, Xacta
• Experience with the NIST Risk Management Framework (RMF)
• Experience with migration and operation of systems to an Amazon Web Services (AWS) cloud environment
• A professional background in Systems Engineering / Cloud Architecture / Software Development
• Experience with Cloud Computing Technologies/Amazon Web Services (AWS)
• Experience with Agile Software Development
• AWS/Azure/Google Certifications
• Experience with scripting languages (Python, Power Shell)
• Experience with SAFe Agile Framework
External Referral Bonus:Eligible
External Referral Bonus $:5000
Potential for Telework:No
Clearance Level Required:Top Secret/SCI with Polygraph
Scheduled Weekly Hours:40
Job Family:Information Assurance
Leidos is a Fortune 500® information technology, engineering, and science solutions and services leader working to solve the world’s toughest challenges in the defense, intelligence, homeland security, civil, and health markets. The company’s 40,000 employees support vital missions for government and commercial customers. Headquartered in Reston, Virginia, Leidos reported annual revenues of approximately $12.30 billion for the fiscal year ended January 1, 2021. For more information, visit www.Leidos.com.
Pay and Benefits
Pay and benefits are fundamental to any career decision. That's why we craft compensation packages that reflect the importance of the work we do for our customers. Employment benefits include competitive compensation, Health and Wellness programs, Income Protection, Paid Leave and Retirement. More details are available here.
Securing Your Data
Leidos will never ask you to provide payment-related information at any part of the employment application process. And Leidos will communicate with you only through emails that are sent from a Leidos.com email address. If you receive an email purporting to be from Leidos that asks for payment-related information or any other personal information, please report the email to [email protected].
Commitment to Diversity
All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law. Leidos will also consider for employment qualified applicants with criminal histories consistent with relevant laws.