Leidos is looking for a Blue Team Lead to support a large opportunity for Leidos supporting operations for Integrated Information & Cyber Security Services including Enterprise Operations, End User Support, Software Engineering, Cloud technologies and Cyber Security. You will lead a team with the responsibility of proactively identifying, addressing, testing, and analysis of vulnerabilities; and identifying security weaknesses of products, applications, and infrastructure. Your team will also ensure the quality of platforms and technologies NNSA utilizes across the enterprise. Your responsibilities in these areas will extend to the global NNSA environment, and you will work with cross-functional teams to proactively improve the security posture through a shared services model.
Your responsibilities with respect to vulnerability management services will include managing a vulnerability data repository, managing vulnerability scanning and reporting, and vulnerability analysis and remediation recommendations. This role will also be responsible for managing security tools and technologies that support the vulnerability management program and performing static and dynamic code analysis. You will also lead a team performing product specific assessments of NNSA systems in production as well as those under development.
The preferred candidate will be responsible for leading these efforts in collaboration with the OCIO for the enterprise environment. The candidate must have expert skills in conducting technical analysis of security and business problems, as well as threats, incidents, investigations, workforce protection, and other general security related issues. The candidate must also have the ability to communicate well, motivate and lead cross functional and individual contributor teams independently, participate in coordinating response and defensive actions over a variety of security disciplines, and disseminate technical information as appropriate in support of NNSA’s critical business, and operational infrastructure needs. The candidate will develop, select, and motivate highly effective employees to execute the NNSA business model.
Responsibilities include the following:
• Performs enterprise systems security operations to ensure 100% effective NNSA security status across the enterprise.
• Develop Red Teaming, Penetration Testing, Code Scanning, and Vulnerability Management policies and procedures
• Operationalize a set of services based on your scope of responsibilities to be provided to the rest of the organization globally to support the ongoing security objectives of the Global Security Organization
• Synthesize and report findings, develop remediation recommendations and track implementation to completion
• Build and develop a team to provide Red Teaming, Penetration Testing, Code Scanning, and Vulnerability Management services to the organization
• Research and identify threat vectors and zero days that may be applicable to the NNSA environment; develop testing plans to identify vulnerabilities
• Define and maintain a rules of engagement plan for the NNSA enterprise environment as Red Team services are performed
• Identify, collect, and report metrics related to program progress, operations, and findings
• Assess, document, and implement mitigation strategies for newly discovered threats or vulnerabilities that may impact the company as part of a security incident
• Manage the effectiveness of tooling, rationalizing tools as needed, and identifying new tool needs as necessary
• Experience working with one of the following network security systems: CISCO (CCNA Security), Blue Coat BCCPA, InfoVista IVCA, HP ATP ArcSight Security V1, HP ASE-ArcSight Logger V1, IBM Tivoli Netcool/OMNIbus V7.4, Red Seal Security Expert, Cisco Stealthwatch Advanced Tuning (SWAT)
• Performs complex analytics on boundary protection systems to protect system assets from compromise, data loss, and other requirements.
• Experienced in DOD boundary protection and CSSP operations.
• Responds and mitigates risks and malicious code, classified incidents, CTO orders.
• Perform work within the defined SLAs.
• Work closely with other support and development teams.
• Create and update documentation where required.
• Cross train capabilities with other team members.
• Active TOP SECRET SCI clearance and/or U.S. Department of Energy Q clearance
• Bachelors and 7 - 10 years of prior relevant experience or additional relevant experience in lieu of degree.
• Strong verbal and written communications skills.
• Must be a US Citizen
• Staff shall meet DoD 8570 SD 205.1
• IAT III certification
• Experience in Red Teaming, Penetration Testing, Vulnerability Discovery, and Product Testing
• Candidates should be an expert in Networking, Windows and *nix environments * Expert understanding of TCP/IP and network communications
• Expert systems and network administration skills
• Expert in designing and deploying security testing procedures
• Expert in computer security incident handling and the Advanced Persistent Threat
• Expert In-depth knowledge of security vulnerabilities
• Excellent analytical and problem-solving skills.
• Excellent communication skills (verbal and written), ability to influence without authority.
• Ability to balance risks in ambiguous and complex situations.
• Demonstrated teamwork and collaboration skills, in particular in leading or contributing to global and multi-functional teams.
• Highly motivated to contribute and grow within a complex area of emerging importance.
• Experience or understanding of software applications design tools and languages.
• Understanding of design for software applications running on multiple platforms.
• Understanding of testing, coding and debugging procedures.
• Experience performing, overseeing, and providing feedback on red teaming services
• Experience in vulnerability management in an enterprise environment * Knowledge and expertise in reporting vulnerabilities and developing recommendations
• Demonstrates excellent organizational direction, time management, problem-solving, prioritization, goal setting, leadership, motivation, negotiation, and interpersonal relations.
• Works well under pressure and within time/budget constraints to solve problems or meet objectives.
• Excellent fundamental knowledge of industry-standard frameworks.
• Strong analytical/problem-solving skills and cross-functional knowledge across multiple IT operational and security disciplines.
• Ability to communicate technical concepts to a broad range of technical and non-technical staff.
• Must possess a high degree of integrity, be trustworthy, and have the ability to lead and inspire change.
• One or more programming/scripting languages (e.g., C++, Perl, Java, Python, etc.)
• In depth knowledge in the use of databases for reporting (SQL language) * Working knowledge of the applications of Artificial Intelligence in security
Effective October 1, in order to enter Leidos facilities in the US and to attend Leidos business events outside our facilities, employees will be required to be vaccinated for COVID-19 or maintain proof of a negative COVID-19 test within 96 hours of entry. Effective January 18, 2022, all Leidos employees must be fully vaccinated (2 weeks past final dose) unless they are entitled to a legal accommodation. If you are not vaccinated, please consider getting your COVID-19 vaccination as soon as possible. If you have any questions, please contact your Talent Acquisition POC.
Leidos is a Fortune 500® information technology, engineering, and science solutions and services leader working to solve the world’s toughest challenges in the defense, intelligence, civil, and health markets. The company’s 43,000 employees support vital missions for government and commercial customers. Headquartered in Reston, Virginia, Leidos reported annual revenues of approximately $12.30 billion for the fiscal year ended January 1, 2021. For more information, visit www.Leidos.com.
Pay and Benefits
Pay and benefits are fundamental to any career decision. That's why we craft compensation packages that reflect the importance of the work we do for our customers. Employment benefits include competitive compensation, Health and Wellness programs, Income Protection, Paid Leave and Retirement. More details are available here.
Securing Your Data
Leidos will never ask you to provide payment-related information at any part of the employment application process. And Leidos will communicate with you only through emails that are sent from a Leidos.com email address. If you receive an email purporting to be from Leidos that asks for payment-related information or any other personal information, please report the email to [email protected].
Commitment to Diversity
All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law. Leidos will also consider for employment qualified applicants with criminal histories consistent with relevant laws.