Leidos is looking for a Red/Blue Team Lead to support a large opportunity for Leidos supporting operations for Integrated Information & Cyber Security Services including Enterprise Operations, End User Support, Software Engineering, Cloud technologies and Cyber Security. You will lead a team with the responsibility of proactively identifying, addressing, testing, and analysis of vulnerabilities; and identifying security weaknesses of products, applications, and infrastructure. Your team will also ensure the quality of platforms and technologies NNSA utilizes across the enterprise. Your responsibilities in these areas will extend to the global NNSA environment, and you will work with cross-functional teams to proactively improve the security posture through a shared services model.
Your responsibilities in penetration testing will extend to the identification of exploitable vulnerabilities within the environment. You will additionally lead a team performing red teaming activities including creation of product kill chain narratives, attack analysis, identification of vulnerabilities, knowledge transfer of attack methodologies and Zero Days, production of post-mortem data to inform the defense team.
Your responsibilities with respect to vulnerability management services will include managing a vulnerability data repository, managing vulnerability scanning and reporting, and vulnerability analysis and remediation recommendations. This role will also be responsible for managing security tools and technologies that support the vulnerability management program and performing static and dynamic code analysis. You will also lead a team performing product specific assessments of NNSA systems in production as well as those under development.
The preferred candidate will be responsible for leading these efforts in collaboration with the OCIO for the enterprise environment. The candidate must have expert skills in conducting technical analysis of security and business problems, as well as threats, incidents, investigations, workforce protection, and other general security related issues. The candidate must also have the ability to communicate well, motivate and lead cross functional and individual contributor teams independently, participate in coordinating response and defensive actions over a variety of security disciplines, and disseminate technical information as appropriate in support of NNSA’s critical business, and operational infrastructure needs. The candidate will develop, select, and motivate highly effective employees to execute the NNSA business model.
Responsibilities include the following:
• Performs enterprise systems security operations to ensure 100% effective NNSA security status across the enterprise.
• Develop Red Teaming, Penetration Testing, Code Scanning, and Vulnerability Management policies and procedures
• Operationalize a set of services based on your scope of responsibilities to be provided to the rest of the organization globally to support the ongoing security objectives of the Global Security Organization
• Synthesize and report findings, develop remediation recommendations and track implementation to completion
• Build and develop a team to provide Red Teaming, Penetration Testing, Code Scanning, and Vulnerability Management services to the organization
• Research and identify threat vectors and zero days that may be applicable to the NNSA environment; develop testing plans to identify vulnerabilities
• Define and maintain a rules of engagement plan for the NNSA enterprise environment as Red Team services are performed
• Identify, collect, and report metrics related to program progress, operations, and findings
• Assess, document, and implement mitigation strategies for newly discovered threats or vulnerabilities that may impact the company as part of a security incident
• Manage the effectiveness of tooling, rationalizing tools as needed, and identifying new tool needs as necessary
• Experience working with one of the following network security systems: CISCO (CCNA Security), Blue Coat BCCPA, InfoVista IVCA, HP ATP ArcSight Security V1, HP ASE-ArcSight Logger V1, IBM Tivoli Netcool/OMNIbus V7.4, Red Seal Security Expert, Cisco Stealthwatch Advanced Tuning (SWAT)
• Performs complex analytics on boundary protection systems to protect system assets from compromise, data loss, and other requirements.
• Experienced in DOD boundary protection and CSSP operations.
• Responds and mitigates risks and malicious code, classified incidents, CTO orders.
• Perform work within the defined SLAs.
• Work closely with other support and development teams.
• Create and update documentation where required.
• Cross train capabilities with other team members.
• Active TOP SECRET SCI clearance and/or U.S. Department of Energy Q clearance
• Bachelors and 7 - 10 years of prior relevant experience or additional relevant experience in lieu of degree.
• Strong verbal and written communications skills.
• Must be a US Citizen
• Staff shall meet DoD 8570 SD 205.1
• IAT III certification
• Experience in Red Teaming, Penetration Testing, Vulnerability Discovery, and Product Testing
• Candidates should be an expert in Networking, Windows and *nix environments * Expert understanding of TCP/IP and network communications
• Expert systems and network administration skills
• Expert in designing and deploying security testing procedures
• Expert in computer security incident handling and the Advanced Persistent Threat
• Expert In-depth knowledge of security vulnerabilities
• Excellent analytical and problem-solving skills.
• Excellent communication skills (verbal and written), ability to influence without authority.
• Ability to balance risks in ambiguous and complex situations.
• Demonstrated teamwork and collaboration skills, in particular in leading or contributing to global and multi-functional teams.
• Highly motivated to contribute and grow within a complex area of emerging importance.
• Experience or understanding of software applications design tools and languages.
• Understanding of design for software applications running on multiple platforms.
• Understanding of testing, coding and debugging procedures.
• Experience performing, overseeing, and providing feedback on red teaming services
• Experience in vulnerability management in an enterprise environment * Knowledge and expertise in reporting vulnerabilities and developing recommendations
• Demonstrates excellent organizational direction, time management, problem-solving, prioritization, goal setting, leadership, motivation, negotiation, and interpersonal relations.
• Works well under pressure and within time/budget constraints to solve problems or meet objectives.
• Excellent fundamental knowledge of industry-standard frameworks.
• Strong analytical/problem-solving skills and cross-functional knowledge across multiple IT operational and security disciplines.
• Ability to communicate technical concepts to a broad range of technical and non-technical staff.
• Must possess a high degree of integrity, be trustworthy, and have the ability to lead and inspire change.
• One or more programming/scripting languages (e.g., C++, Perl, Java, Python, etc.)
• In depth knowledge in the use of databases for reporting (SQL language) * Working knowledge of the applications of Artificial Intelligence in security
Covid Guidance for the US
In order to enter Leidos facilities in the U.S. and to attend Leidos events outside our facilities, employees are required to be vaccinated for COVID-19 or maintain proof of a negative COVID-19 test within 96 hours of entry. In addition, we are receiving guidance from certain customers that onsite contractor personnel will need to be fully vaccinated to access customer facilities. If you are not vaccinated, please consider getting your COVID-19 vaccination as soon as possible. If you have any questions, please contact your Talent Acquisition POC.
Leidos is a Fortune 500® technology, engineering, and science solutions and services leader working to solve the world’s toughest challenges in the defense, intelligence, civil, and health markets. The company’s 44,000 employees support vital missions for government and commercial customers. Headquartered in Reston, Virginia, Leidos reported annual revenues of approximately $13.7 billion for the fiscal year ended December 31, 2021. For more information, visit www.Leidos.com.
Pay and Benefits
Pay and benefits are fundamental to any career decision. That's why we craft compensation packages that reflect the importance of the work we do for our customers. Employment benefits include competitive compensation, Health and Wellness programs, Income Protection, Paid Leave and Retirement. More details are available here.
Securing Your Data
Beware of fake employment opportunities using Leidos’ name. Leidos will never ask you to provide payment-related information during any part of the employment application process (i.e., ask you for money), nor will Leidos ever advance money as part of the hiring process (i.e., send you a check or money order before doing any work). Further, Leidos will only communicate with you through emails that are generated by the Leidos.com automated system – never from free commercial services (e.g., Gmail, Yahoo, Hotmail) or via WhatsApp, Telegram, etc. If you received an email purporting to be from Leidos that asks for payment-related information or any other personal information (e.g., about you or your previous employer), and you are concerned about its legitimacy, please make us aware immediately by emailing us at [email protected].
If you believe you are the victim of a scam, contact your local law enforcement and report the incident to the U.S. Federal Trade Commission.
Commitment to Diversity
All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law. Leidos will also consider for employment qualified applicants with criminal histories consistent with relevant laws.