Description
Job Description:
Leidos has an immediate need for a Security Orchestration Automation and Response (SOAR) developer to join our DHS Enterprise Security Operations Center (ESOC) Team. The ideal SOAR Developer is someone who is process driven, efficient, and strives to remove tedium from daily workflows. The developer will provide an Agile DevSecOps approach to the modernization of DHS ESOC cybersecurity operations, along with responding to emergent development requirements from Security Operations. The ideal candidate will be flexible and ready to work within a DevSecOps model within DHS ESOC which includes incident response operations and development engineers participating together in the entire lifecycle, from design through the development process to production support.
Primary Responsibilities
Automate DHS NOSC Security Incident Response processes providing the ability to analyze and resolve alerts from existing security tools leveraging a single stream management system
Develop and maintain custom Swimlane applications for ESOC IR workflow (e.g., create custom application to automate intelligence gathering)
Assist with process development and process improvement for Security Operations to include creation/modification of SOPs, Playbooks, and Work instructions
Organize requirements into user stories that are Independent, Negotiable, Valuable, Estimable, Small and Testable
Integrate SOAR platform with other security tools and APIs to execute automated workflows
Author, test, and maintain automation scripts/workflows within SOAR platform
Design, implement, and maintain efficient and reusable Python code
Review, debug, and resolve technical issues throughout all stages of SDLC
Coordinate with System Administrators, Engineers, and ISSOs to provision service accounts and/or grant required permissions
Measure effectiveness of process improvement and automation efforts via metrics and KPIs
Basic Qualifications
The candidate shall have bachelor’s degree in Computer Science, Engineering, or related field and a minimum of 6 years of experience in system administration, database administration, network engineering, software engineering, or software development, with a concentration in Cybersecurity.
At least one of the following certifications: CASP, Sec+, GCIH, GCWN, GISF, GISP, GSSP, GICSP, GSSP, SEI, CISSP, CSSLP, SSCP, CCNP, CCNP Security, CCIE Security, CEH, ECSP, MCSE, RHCA, RHCE, VCP, VCAP, VCIX, VCDX
Experience with SOAR platforms such as Swimlane, Phantom, Demisto, etc
Familiarity with continuous integration and continuous delivery (CI/CD) concepts
Experience in security process mapping, security process analysis, security process improvement concepts, models, and best practices required
Proficient in Python scripting
Working knowledge of REST APIs, JSON, HTML/CSS, Javascript, XML
Experience as a SOC Analyst and/or Incident Responder
Experience authoring SOC SOPs, playbooks, work instructions and/or other process documents
Familiarity with Splunk Search Processing Language (SPL) and/or Elastic Domain Specific Language (DSL)
Proven Experience building consensus and managing cross-functional teams
Experience in DevSecOps environment
Experience writing acceptance criteria and designing user interfaces for a production system
Department of Homeland Security ESOC employees are required to obtain an Entry on Duty (EOD) clearance to support this program.
Preferred Qualifications
Swimlane Certified SOAR Administrator (SCSA)
Swimlane Certified SOAR Developer (SCSD)
Client-facing federal consulting and business analysis experience
Pay Range:
Covid Guidance
In order to enter Leidos facilities in the U.S. and to attend Leidos events outside our facilities, employees are required to be vaccinated for COVID-19 or maintain proof of a negative COVID-19 test within 96 hours of entry. In addition, we are receiving guidance from certain customers that onsite contractor personnel will need to be fully vaccinated to access customer facilities. If you are not vaccinated, please consider getting your COVID-19 vaccination as soon as possible. If you have any questions, please contact your Talent Acquisition POC.
About Leidos
Leidos is a Fortune 500® technology, engineering, and science solutions and services leader working to solve the world’s toughest challenges in the defense, intelligence, civil, and health markets. The company’s 43,000 employees support vital missions for government and commercial customers. Headquartered in Reston, Virginia, Leidos reported annual revenues of approximately $13.7 billion for the fiscal year ended December 31, 2021. For more information, visit www.Leidos.com.
Pay and Benefits
Pay and benefits are fundamental to any career decision. That's why we craft compensation packages that reflect the importance of the work we do for our customers. Employment benefits include competitive compensation, Health and Wellness programs, Income Protection, Paid Leave and Retirement. More details are available here.
Securing Your Data
Leidos will never ask you to provide payment-related information at any part of the employment application process. And Leidos will communicate with you only through emails that are sent from a Leidos.com email address. If you receive an email purporting to be from Leidos that asks for payment-related information or any other personal information, please report the email to [email protected].
Commitment to Diversity
All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law. Leidos will also consider for employment qualified applicants with criminal histories consistent with relevant laws.