Looking for an exciting opportunity to make an impact as a Sr. Deception Analyst?
1901 Group (A Leidos Company) has an exciting Sr. Deception Analyst position located in Woodlawn MD with opportunities to work a hybrid schedule at home as well as the office.
Our new Sr. Deception Analyst will work with an elite team of IT professionals to maintain an optimal environment for critical systems. We are looking to hire a Senior Cyber Security Analyst to provide a full range of cyber security services with a focus on deception practices for developing detection methods that deceive attackers into interacting with decoys and other deception mechanisms.
• Research new and innovative deception practices, methods and techniques
• Plan and create deception mechanisms to be deployed within the organization’s architecture
• Perform detailed investigation and response activities for potential security incidents
• Develop innovative monitoring and detection solutions using client tools and other skillsets such as scripting and content development
• Author documentation containing current deployments details and configurations
• Participate in deception exercises with other teams/departments to assess the effectiveness of deception components deployed within the organization’s architecture
• Participate in root cause analysis or lessons learned sessions
• Provide actionable intelligence for proactive detection and monitoring of potential threats
• Conducts analysis using a variety of tools and data sets to identify indicators of malicious activity on the network
• Respond to computer security incidents associated with deception mechanisms and conduct threat analysis
• Create, manage, and dispatch incident tickets associated with deception detections and alerts
• Ensure all pertinent information is obtained to allow for the identification, containment, eradication, and recovery actions to occur in a time sensitive environment
• Document investigation results, ensuring relevant details are passed to SOC Leads, Incident Management team and stakeholders
• Resolve or coordinate the resolution of cyber security events related to deployed deception components
• Recommends implementation of counter-measures or mitigating controls
• Monitor external event sources for security intelligence and actionable incidents
• Develop processes and procedures for deploying deception components
• Must be able to obtain and maintain a Public Trust security clearance prior to start
● Bachelor’s degree in Computer Science or related field and 4+ years of relevant IT experience (additional years of IT experience accepted in lieu of degree)
● 2-4 years of experience in a Penetration Testing or SOC environment
● In-depth understanding of tactics and techniques utilized by adversaries
● Proven understanding of the Cyber Kill Chain and Incident Response Phases
● In-depth understanding of various operating systems, network/system infrastructure, networking protocols/services and enterprise architectural design
● Ability to work individually or as a team
● Must be driven and motivated with excellent organization skills
● Excellent problem solving, critical thinking, and analytical skills with the ability to de-construct problems
● Excellent written and verbal communication skills
● Must be comfortable with public speaking, presenting proposals and findings to leadership
● Excellent analysis skills and ability to identify patterns and trends in data
● Familiar with cloud environments and services
● Communicate well with Executives, Managers, Peers and Customers.
● A US Citizen who can obtain a public trust clearance
● At least one of the following certifications: PenTest+, CySA+, GCIH, GCIA, GPEN, eJPT, eCPPT, PNPT, OSCP, AWS Certified Solutions Architect Associate, AWS Certified Security - Specialty
● Experience performing analysis of log files from a variety of sources, to include individual host logs, network traffic logs, firewall logs, or intrusion prevention logs
● Ability to think creatively and implement innovative solutions
● Familiar with AWS cloud environments, architecture, and services
● Familiarity with the MITRE ATT&CK framework
● Experience with proprietary and open source deception technologies and platforms is preferred
● Experience with SIEM technologies such as Splunk is preferred
Who Are We?
1901 Group (A Leidos Company) prides itself on looking ahead of our competitors for the next wave of IT trends. We provide our employees with training and development opportunities, preparing them for upcoming technical challenges.
With primary office locations in Blacksburg and Reston, VA, our teams support customers from across the United States. Our innovative IT as-a Service delivery model is supported by industry certifications that ensure quality and efficient IT solutions.
We are transforming the delivery of IT services through the use of enterprise managed services that leverage the cloud to securely monitor, manage, and optimize complex IT environments.
The history of automation is what inspired the name of our company. 1901 was the year that another disruptive technology changed the world: the assembly line. Leveraging skills and materials in an efficient manner within a repeatable process that quadrupled output applies to IT services today.
Leidos is a Fortune 500® technology, engineering, and science solutions and services leader working to solve the world’s toughest challenges in the defense, intelligence, civil, and health markets. The company’s 45,000 employees support vital missions for government and commercial customers. Headquartered in Reston, Virginia, Leidos reported annual revenues of approximately $14.4 billion for the fiscal year ended December 30, 2022. For more information, visit www.Leidos.com.
Pay and Benefits
Pay and benefits are fundamental to any career decision. That's why we craft compensation packages that reflect the importance of the work we do for our customers. Employment benefits include competitive compensation, Health and Wellness programs, Income Protection, Paid Leave and Retirement. More details are available here.
Securing Your Data
Beware of fake employment opportunities using Leidos’ name. Leidos will never ask you to provide payment-related information during any part of the employment application process (i.e., ask you for money), nor will Leidos ever advance money as part of the hiring process (i.e., send you a check or money order before doing any work). Further, Leidos will only communicate with you through emails that are generated by the Leidos.com automated system – never from free commercial services (e.g., Gmail, Yahoo, Hotmail) or via WhatsApp, Telegram, etc. If you received an email purporting to be from Leidos that asks for payment-related information or any other personal information (e.g., about you or your previous employer), and you are concerned about its legitimacy, please make us aware immediately by emailing us at [email protected].
If you believe you are the victim of a scam, contact your local law enforcement and report the incident to the U.S. Federal Trade Commission.
Commitment to Diversity
All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law. Leidos will also consider for employment qualified applicants with criminal histories consistent with relevant laws.