This position will support the DISA GSM-O II Task Number 07 (TN07) Joint Force Headquarters DODIN. GSM-O II provides network operations and cyber defense support to the Defense Information Systems Agency (DISA) in support of the DoD and COCOMs. The selected candidate shall execute in real time, in accordance with mission requirements, provide holistic enterprise defensive strategies for enterprise cyber security capabilities implemented within the infrastructure of the DODIN to include but not limited to Cloud, network boundaries, cross domains, and varying endpoint technologies.
Provide analysis of architectures, technologies, policies, information and analytic data used to determine prevention, detection, and mitigation of anomalous activity, vulnerabilities and inefficiencies.
Perform cyber situational awareness activities and provide analysis and recommendations of situation awareness capabilities.
Conduct micro and macro analysis of enterprise cybersecurity defensive strategies in order to enable operational effectives, defense, and command and control.
Analyze policy, program management office managed systems, hardware, and software, cloud, network infrastructure in order to recommend methods and strategies that reduce and/or managed impacts.
Provide operational assessments, analysis, metrics, recommendations, and enhancements to address Current Operations, Future Operations and long term plans.
Provide proactive cyber security, incident management, and impact assessments based on enterprise cyber security capabilities implemented.
Monitor and recommend configuration management changes of various passive and active defensive capabilities, to include but not limited to, countermeasures, detection methods, and other mitigation strategies, etc. to determine and forecast the most prudent, efficient, and supportable operational environment
Provide enterprise wide cybersecurity, threat analysis, manage, integrate and employ countermeasures and defensive strategies across a multi-tiered, porous domain inclusive of Cloud, federated regional gateways, cross domain peering points, internet access points, and endpoints.
Perform defensive strategy configuration management support including:
Cloud Security: Develop strategies to monitor, detect, and prevent unauthorized manipulation and access of services and data in transit, at rest, and in use
Boundary Security: (Gateways, Cross-Domain Peering Points, Joint Regional Security Stacks (JRSS) or Network Gateways, Internet Access Points or General Boundaries): Identify, discover, and maintain cognizance of the DODIN boundary, inclusive of IAPs, peering points, and other major points of ingress/egress to the DODIN; Document and maintain boundary architectures, understand employed defensive capabilities and available sensor data
Endpoint Security: Perform Endpoint security management and security analysis, to include planning, and assessing, and/or providing the reporting of enterprise strategies for compliance, signatures and integration strategies with mid-tier, and boundary capabilities
Develop metrics and measures and recommend standards to support assessments, process improvements and operational efficiencies at HQ and across the DODIN
Manage enterprise-wide malware analysis collaboration and sharing of IOCs
Support development and management of a malware analysis environment
Analyze and document the function, behavior, origin, and impact of malware samples; support the calculation of risk to the DODIN
Develop and recommend malware analysis SOPs/TTPs for the collection, analysis and protection of the DODIN.
Discover adversary campaigns, anomalies and inconsistencies in sensor and system logs, SIEMs, and other data; investigate to identify or rule out system compromises, provide written analytic summaries and attach life cycle visualizations.
Bachelor's degree in a related discipline with 12 to 15 years of applicable combined education and experience; additional related years of experience is accepted in lieu of a degree.
Active DoD TS/SCI clearance and eligible for C/I Polygraph
IAT Level II & III, IAM Level II, CSSP Analyst, (Security +, CySA+, CND, CISSP, CASP+, GCIA, GCIH, GCFA, CEH)
Direct experience with network traffic monitoring/capture/analysis capabilities, and various IDS, IPS, SIM/SIEM/SOAR technologies, to include IDS signature development.
Familiarity with all related aspects of cybersecurity operations/analysis (e.g. incident response & management, forensic media analysis, malware analysis/reverse-engineering, cyber threat intelligence analysis, etc.) and security architecture & engineering.
In-depth knowledge of network and application protocols, cyber vulnerabilities and exploitation techniques and cyber threat/adversary methodologies (TTPs).
Proficiency working with various types of network data (e.g. netflow, PCAP, custom application logs).
Proficiency with datasets that support analysis (e.g. passive DNS, WHOIS/registration data, system/service enumeration data, threat indicators/observables, malware analysis results, etc) and various open-source and commercial vendor portals/services/platforms that provide that data.
Experience with DISA and DoD Networks.
Skilled in building extended cyber security analytics.
Demonstrated experience briefing Senior Executive Service (SES) and General Officer/Flag Officer (GO/FO) leadership.
Experience in intelligence driven defense and/or cyber Kill Chain methodology.
Pay Range:Pay Range $113,100.00 - $174,000.00 - $234,900.00
In order to enter Leidos facilities in the U.S. and to attend Leidos events outside our facilities, employees are required to be vaccinated for COVID-19 or maintain proof of a negative COVID-19 test within 96 hours of entry. In addition, we are receiving guidance from certain customers that onsite contractor personnel will need to be fully vaccinated to access customer facilities. If you are not vaccinated, please consider getting your COVID-19 vaccination as soon as possible. If you have any questions, please contact your Talent Acquisition POC.
Leidos is a Fortune 500® technology, engineering, and science solutions and services leader working to solve the world’s toughest challenges in the defense, intelligence, civil, and health markets. The company’s 43,000 employees support vital missions for government and commercial customers. Headquartered in Reston, Virginia, Leidos reported annual revenues of approximately $13.7 billion for the fiscal year ended December 31, 2021. For more information, visit www.Leidos.com.
Pay and Benefits
Pay and benefits are fundamental to any career decision. That's why we craft compensation packages that reflect the importance of the work we do for our customers. Employment benefits include competitive compensation, Health and Wellness programs, Income Protection, Paid Leave and Retirement. More details are available here.
Securing Your Data
Beware of fake employment opportunities using Leidos’ name. Leidos will never ask you to provide payment-related information during any part of the employment application process (i.e., ask you for money), nor will Leidos ever advance money as part of the hiring process (i.e., send you a check or money order before doing any work). Further, Leidos will only communicate with you through emails that are generated by the Leidos.com automated system – never from free commercial services (e.g., Gmail, Yahoo, Hotmail) or via WhatsApp, Telegram, etc. If you received an email purporting to be from Leidos that asks for payment-related information or any other personal information (e.g., about you or your previous employer), and you are concerned about its legitimacy, please make us aware immediately by emailing us at [email protected].
If you believe you are the victim of a scam, contact your local law enforcement and report the incident to the U.S. Federal Trade Commission.
Commitment to Diversity
All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law. Leidos will also consider for employment qualified applicants with criminal histories consistent with relevant laws.