The Leidos DCSB program in support of Army C5ISR CSSP has an immediate opening for an experienced, and motivated Cyber Transformation Lead.
This role has primary responsibility closely work with the DCSB Chief Technology and Development government lead to identify, develop, and operationalize Cyber Capabilities solutions in support of the C5ISR CSSP. The role focuses on defining and supporting the implementation of the DCSB CSSP Strategic Transformation. This role is expected to "think like an adversary" and provide analyst-centric input into every phase of the Cyber Capabilities development process by gathering requirements from within the CSSP team, Leidos and industry and using related experience to guide key solutioning. Additionally, this role is expected to provide written documentation in support of the Cyber Capabilities mid-term (2-5 year) strategy, a road map highlighting the implementation of that strategy, and contribute to the technical innovation that will evolve Leidos' defensive capabilities and methodologies.
Location: Primarily remote one must live within commuting distance to Adelphi, MD for on-site support.
- Act as a technical SME for the Cyber Security Capabilities that defend the subscriber DoD networks.
- Support the establishment of the mid-term (2-5 year) Cyber Security Capabilities technical vision.
- Work closely with the DCSB Government and teams to ensure the capabilities meet the requirements and needs of the C5ISR CSSP.
- Provide Cyber Operations SME support to DCSB Security Engineering and Architecture to ensure capabilities support C5ISR CSSP transformation from an intelligence consumer to a producer.
- Work closely with DCSB stakeholders to ensure Transformation activities are achievable and consistent with program priorities.
- Support the development of cybersecurity technical roadmaps and documentation to drive constant cyber transformation and improvements in CSSP defensive posture
- Be a SME in the vendor and open-source capabilities available to stay ahead of the threats
- Participate in threat hunt operations using known adversary tactics, techniques, and procedures, as well as indicators of attack, in order to detect advanced threats to the enterprise.
- Collaborate using information and knowledge sharing networks and professional relationships to achieve common goals.
- Be a Cyber Operations leader and provide direction and mentorship for less experienced team members.
- Bachelor's degree and at least 12+ years of technical work experience in cyber security.
- Demonstrated experience performing cybersecurity analysis from an operators point-of-view
- Ability to write and verbally communicate information security and risk-related concepts effectively to both technical and non-technical audiences is essential.
- Must have strong problem-solving and analytical skills and demonstrate poise and ability to act calmly and competently in high-pressure, high-stress situations.
- Experience in conventional network\host-based intrusion analysis, digital forensics, or malware analysis.
- Strong understanding of Operating Systems and Network Protocols.
- A deep understanding of advanced cyber threats targeting enterprises, along with the tools, tactics, and procedures used by those threats in order to define capabilities to combat them.
- Experience hunting for Advanced Persistent Threats in an environment without previous alert or notification in order to define automation/capabilities around cyber hunt best practices.
- Experience with various SIEM-type platform optimization techniques to maximize analyst workflows.
- Ability to create, modify, and implement countermeasures within common COTS and FOSS tools to gauge their effectiveness.
- DoD 8570 IAT-II certifications (Security+ CE or equivalent) required prior to starting.
- Must obtain CSSP certification within 90 days of hire.
- Active Secret Clearance to start, but must be able to obtain a Top Secret security clearance.
- Understanding of behavioral based threat models, including ATT&CK, Cyber Kill Chain, Diamond Model, etc.
- Active DoD Secret with eligibility for TS SCI clearance
- Experience with Hybrid Cloud-based information protection.
- Demonstrated use of analysis, design, development, and implementation of technical solutions.
- Demonstrated knowledge of common information security management frameworks such as ISO/IEC 27001, ITIL, COBIT and NIST and an understanding of relevant legal and regulatory requirements such as Health Insurance Portability and Accountability Act (HIPAA) and Payment Card Industry/Data Security Standard.
- Working knowledge of Computer Network Exploitation (CNE), Computer Network Attack (CNA) and Computer Network Defense (CND) tools and techniques.
- Experience applying threat and data modeling, advanced data correlation, and statistical analysis to develop alerts, notable events, investigative dashboards, and metrics driven reports.
- Experience performing "deep dive" analysis and correlation of log data from multiple sources including PCAP and forensic artifacts.
- Proficiency with Microsoft Windows administrative tools, and the Unix/Linux command line.
- Familiarity with common scripting languages (like Perl and Python) to parse logs, automate processes, and integrate systems to maximize use of disparate cyber capabilities
- Experience with Business Intelligence or SOC Automation tools that streamline Operational response
Pay Range:Pay Range $113,100.00 - $174,000.00 - $234,900.00
The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.
Leidos is a Fortune 500® technology, engineering, and science solutions and services leader working to solve the world’s toughest challenges in the defense, intelligence, civil, and health markets. The company’s 45,000 employees support vital missions for government and commercial customers. Headquartered in Reston, Virginia, Leidos reported annual revenues of approximately $14.4 billion for the fiscal year ended December 30, 2022. For more information, visit www.Leidos.com.
Pay and Benefits
Pay and benefits are fundamental to any career decision. That's why we craft compensation packages that reflect the importance of the work we do for our customers. Employment benefits include competitive compensation, Health and Wellness programs, Income Protection, Paid Leave and Retirement. More details are available here.
Securing Your Data
Beware of fake employment opportunities using Leidos’ name. Leidos will never ask you to provide payment-related information during any part of the employment application process (i.e., ask you for money), nor will Leidos ever advance money as part of the hiring process (i.e., send you a check or money order before doing any work). Further, Leidos will only communicate with you through emails that are generated by the Leidos.com automated system – never from free commercial services (e.g., Gmail, Yahoo, Hotmail) or via WhatsApp, Telegram, etc. If you received an email purporting to be from Leidos that asks for payment-related information or any other personal information (e.g., about you or your previous employer), and you are concerned about its legitimacy, please make us aware immediately by emailing us at [email protected].
If you believe you are the victim of a scam, contact your local law enforcement and report the incident to the U.S. Federal Trade Commission.
Commitment to Diversity
All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law. Leidos will also consider for employment qualified applicants with criminal histories consistent with relevant laws.