Leidos is hiring a Computer Network Defense Security Engineer - Active TS/SCI Required! All work will be performed onsite in Suitland, MD.
The Hopper Information Services Center (ISC) is an IT service provider for the Office of Naval Intelligence (ONI) and for 70+ Navy Intelligence Community (IC) ashore organizations across the globe with mission to deploy and operate classified information systems, networks, communications systems, and cybersecurity capabilities. Within Hopper ISC, the Cybersecurity Department is comprised of four divisions (Defensive Cybersecurity Operations, Cybersecurity Mission Operations, Assessment & Validation , and Cybersecurity Engineering), and these divisions collectively secure, protect, assess, and monitor fielded Information Technology (IT) capabilities against a full range of internal and external threats.
Candidate will provide operations, engineering, technical and program management support services and associated supplies to support the cyber related requirements and operations and will routinely work independently to achieve critical mission objectives necessary to continue smooth operations for Hopper, and other internal and external agencies. Routinely will collaborate with different internal and external customers and other experts to develop technical solutions to problems that are complex and not always immediately identifiable in order to timely meet mission objectives.
The Defensive Cyber Operations Division (DCO) enables ONI Information Dominance and decision superiority by providing proactive and real-time protection, monitoring, detection, analysis, reporting, response, recovery and lessons learned for cybersecurity events that pose a threat to ONI’s information and information systems. DCO has hands-on ownership of cybersecurity defensive capabilities that protect ONI enterprise infrastructure.
- Establish and manage high performing CND team with a continued focus on development in the areas of individual and team mentoring/building skills to include thinking outside the box by providing innovative, creative solutions to complex cyber security issues.
- Perform forensic processes required for the collection, acquisition and analysis of forensic images and other data with tools such as EnCase Enterprise, EnCase CyberSecurity, LinEn, and netcat; recovery COs (such as ERD Commander or Hiren); and Syslntemals tools.
- Perform penetration testing to include using Red Teaming tactics, techniques
and procedures, including phishing and the use of various tools such as Backtrack/Kali, SamuraiWTF, NMap, Burp Suite, sqlmap, and Metasploit.
- Identify and conduct research in emerging technologies and assessing their technical and performance characteristics.
- Development and implement computer network defense TTP's.
- Develop and maintain documentation for each individual project and system to include: Requirements and Design Documents, Implementation Plans, Concept of Operations (CONOPS), Risk Management Framework Documentation, System / Network Diagrams, Work Breakdown Structure Project Schedule, Installation & Configuration Guides, Operations & Maintenance Guides and Analyst Operations Guides
- Engineer, test, configure/tune, administer and operate Network Intrusion Detection/Prevention systems (NIDPS), such as Cisco ASA, HP Tipping Point, McAfee Intrashield, and host-based intrusion Detection/Prevention such as McAfee ePO (HBSS).
- Active TS/SCI Clearance
- GCIA, CEH, CNDA, GCIH, CSIH, CISSP, or CASP.
- BA/BS in CS, IT, IA or related field and 11+ years of relevant professional experience. An additional 4+ years of relevant experience may be considered in lieu of degree
- 8+ years concentrated experience in the CND discipline
- 5+ year’s professional experience in the interpretation and implementation of the following policy documents: DoD Directive 8530.02M, Chairman Joint Chief of Staff (CJCS) Instruction 6510.01F, and CJCS Manual (CJCSM) 6510.018.
- 3+ years professional Project or Program Management experience
- 6+ years professional experience in the design, development, integration, implementation, operation, and analysis of cyber security technologies used within the DoD and IC as well as knowledge of federal cyber security initiatives.
- 10+ years professional experience with LAN/WAN technologies, networking protocols (SSH, SMTP, DHCP, DNS, HTTP, etc.), TCP/IP, OSI model, file systems, ports, services and commands to include Windows and Unix/Linux.
- Significant experience in the SDLC process
- Significant experience in the proper classification, handling, and sanitization of classified material
- Significant experience in the engineering, testing, configuration/tuning, administration and operational use of vulnerability management and assessment technologies such as eEye Retina and Tenable Nessus (ACAS).
- Significant experience conducting vulnerability assessments using Retina, Tenable Nessus (ACAS), WASSP, or SECSCN and subsequent remediation of security control deficiencies.
- Significant experience in the engineering, testing, configuration/tuning, administration and operational use of Security Information and Event Management (SIEM) systems, such as HP ArcSight and Splunk.
- Expert knowledge of incident management lifecycle processes required for the identification, categorization, eradication, response, recovery, and mitigation of cyber security incidents and breaches.
- Expert knowledge of network security architecture concepts, including topology, protocols, and components (e.g., application of defense-in-depth).
- Significant knowledge of common adversary tactics, techniques, and procedures (TIPs) in assigned area of responsibility (e.g., historical country-specific TIPs, emerging capabilities).
- Significant knowledge of network traffic packet captures with capabilities such as WireShark as well as analysis methodologies used with such capabilities.
- Significant knowledge in identifying and classifying attack vectors, malware (detection and analysis), IDS/IPS rule/signature writing and countermeasure development.
Salary to be determined by applicant’s education, experience, knowledge, skills and abilities, internal equity, market data, and contractual requirements.
Pay Range:Pay Range $94,250.00 - $145,000.00 - $195,750.00
In order to enter Leidos facilities in the U.S. and to attend Leidos events outside our facilities, employees are required to be vaccinated for COVID-19 or maintain proof of a negative COVID-19 test within 96 hours of entry. In addition, we are receiving guidance from certain customers that onsite contractor personnel will need to be fully vaccinated to access customer facilities. If you are not vaccinated, please consider getting your COVID-19 vaccination as soon as possible. If you have any questions, please contact your Talent Acquisition POC.
Leidos is a Fortune 500® technology, engineering, and science solutions and services leader working to solve the world’s toughest challenges in the defense, intelligence, civil, and health markets. The company’s 43,000 employees support vital missions for government and commercial customers. Headquartered in Reston, Virginia, Leidos reported annual revenues of approximately $13.7 billion for the fiscal year ended December 31, 2021. For more information, visit www.Leidos.com.
Pay and Benefits
Pay and benefits are fundamental to any career decision. That's why we craft compensation packages that reflect the importance of the work we do for our customers. Employment benefits include competitive compensation, Health and Wellness programs, Income Protection, Paid Leave and Retirement. More details are available here.
Securing Your Data
Beware of fake employment opportunities using Leidos’ name. Leidos will never ask you to provide payment-related information during any part of the employment application process (i.e., ask you for money), nor will Leidos ever advance money as part of the hiring process (i.e., send you a check or money order before doing any work). Further, Leidos will only communicate with you through emails that are generated by the Leidos.com automated system – never from free commercial services (e.g., Gmail, Yahoo, Hotmail) or via WhatsApp, Telegram, etc. If you received an email purporting to be from Leidos that asks for payment-related information or any other personal information (e.g., about you or your previous employer), and you are concerned about its legitimacy, please make us aware immediately by emailing us at [email protected].
If you believe you are the victim of a scam, contact your local law enforcement and report the incident to the U.S. Federal Trade Commission.
Commitment to Diversity
All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law. Leidos will also consider for employment qualified applicants with criminal histories consistent with relevant laws.