The Defense Group of Leidos has an opening for a Cyber Intelligence Watch Officer supporting the Global Solutions Management - Operations II (GSM-O II) contract at Ft. Meade.
The selected candidate will support the JFHQ-DODIN J2 which provides 24 x 7, 365 day-a-year intelligence analysis support, producing and disseminating all-source integrated intelligence analysis to support DoD’s Defensive Cyber Operations.
- Support all watch officer shift rotations (day/night) as required in a 24X7 work environment.
- Produce and disseminate all-source integrated intelligence analysis to support DODIN and defensive cyberspace operations (DODIN/DCO-internal Defensive Measures) planning, integration, coordination, and execution. Assist in analyzing ongoing threat related activities and information targeting the DODIN and develop threat assessments. Make recommendations for JFHQ-DODIN action to protect the DODIN.
- Review threat intelligence and open source reports and document their impact to DODIN operations. Provide all-source analytical support to DODIN/DCO to include production of cyber related Intelligence reports and products.
- Produce special reports and assessments related to specific incidents and trends concerning threats to the DODIN as required.
- Conduct analysis to identify indications of adversary activity and warn (Indications and Warning) leaders of potential threats, cyber developments, events or conditions that may adversely affect the DODIN; advise leaders in order to proactively confront emerging challenges, leverage opportunities, avoid surprise and produce strategic outcomes favorable to the U.S. or allied interests.
- Respond to the J2 for threat identification of activity directed against DoD systems.
- Evaluate international events, all-source and open-source intelligence, and operational information to assist in the assessment of potential impacts to the DODIN and alert the JFHQ-DODIN Staff and Leadership to potential network exploitation or attacks. Using these techniques and taking advantage of web-based research tools, match potential threat candidates with identified activity, produce reports and/or briefs, and make intelligence-derived recommendations to the J2/J3 for the defense of the affected network.
- Develop and present intelligence briefings and presentations concerning nation-state and non-state actor capabilities and activities, specific actor profiles, and incidents affecting DoD communications networks.
- Assist the J2 in the management of daily intelligence reports and bulletins and web sites on the classified networks.
- Maintain communications as directed by the J2, with intelligence representatives at JFHQ-DODIN, Service components, other Combatant Commands, Department of Homeland Security, US CERT, Intelligence Community, Joint Staff J2/JCS, DODIN service providers, and other organizations as designated.
- Active DoD TS/SCI clearance and eligible for a Polygraph.
- BA/BS degree in Information Technology or Information Security, Computer Science, Intelligence Analysis, Cyber Security, or another related field of study (Additional experience, education and training may be considered in lieu of degree)
- 8 years performing cyber threat intelligence analysis, Intelligence all source analysis; Defense Intelligence Analysis Program; intelligence writing and briefing at a senior level.
- Ability to place threats in the proper context and identify the "so what" for decision makers; ability to communicate technical information to non-technical audiences.
- Ability to apply formal intelligence analysis methods, develop hypothesis, prove/disprove relationships, always ask "why", defend your analysis, and apply attribution to cyber threat activity.
- Basic technical understanding in the following areas: network communication using TCP/IP protocols, basic system administration, basic understanding of malware (malware communication, installation, malware types).
- Familiar with the DoD, Intelligence Community, and private sector cyber community.
- Security+ certification or other IAT, IAM, or IASAE Level II certification)
- Experience applying Kill Chain analysis, Cyber Intelligence Preparation of the Environment (CIPE) modeling, or Diamond modeling of cyber threat activity.
- Advanced Data Visualization proficiency leveraging COTS/GOTS tools.
- Technical Skills proficiency: encryption technologies/standards. Cyber security with cloud technologies, Wireless, IoT, etc.
- Experience with joint and combined military exercises.
- Analyst experience in any Federal Cyber Center (NCTOC, IC-SCC, Cyber Command, CNMF, CPT, JFHQ-Cyber, NCIJTF, DHS US CERT) or Corporate CIRT. Any type of cyber related law enforcement or counterintelligence experience.
- Recent experience performing NETFLOW or PCAP analysis using analysis tools (Wireshark, SourceFire, etc). Experience using ArcSight, FireEye, or other SIEM tools.
Effective October 1, in order to enter Leidos facilities in the US and to attend Leidos business events outside our facilities, employees will be required to be vaccinated for COVID-19 or maintain proof of a negative COVID-19 test within 96 hours of entry. Effective December 8, all Leidos employees must be fully vaccinated (2 weeks past final dose) unless they are entitled to a legal accommodation. If you are not vaccinated, please consider getting your COVID-19 vaccination as soon as possible. If you have any questions, please contact your Talent Acquisition POC.
Leidos is a Fortune 500® information technology, engineering, and science solutions and services leader working to solve the world’s toughest challenges in the defense, intelligence, civil, and health markets. The company’s 43,000 employees support vital missions for government and commercial customers. Headquartered in Reston, Virginia, Leidos reported annual revenues of approximately $12.30 billion for the fiscal year ended January 1, 2021. For more information, visit www.Leidos.com.
Pay and Benefits
Pay and benefits are fundamental to any career decision. That's why we craft compensation packages that reflect the importance of the work we do for our customers. Employment benefits include competitive compensation, Health and Wellness programs, Income Protection, Paid Leave and Retirement. More details are available here.
Securing Your Data
Leidos will never ask you to provide payment-related information at any part of the employment application process. And Leidos will communicate with you only through emails that are sent from a Leidos.com email address. If you receive an email purporting to be from Leidos that asks for payment-related information or any other personal information, please report the email to [email protected].
Commitment to Diversity
All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law. Leidos will also consider for employment qualified applicants with criminal histories consistent with relevant laws.