• Find preferred job with Jobstinger
  • ID
    #17803257
  • Job type
    Permanent
  • Salary
    TBD
  • Source
    Leidos
  • Date
    2021-08-03
  • Deadline
    2021-10-02
 
Permanent

Vacancy expired!

Description

Job Description:

Job Description

Leidos is seeking a Senior Incident Response Analyst to join our team on a highly visible cyber security single-award IDIQ vehicle that provides security operations center (SOC) support, cyber analysis, application development, and a 24x7x365 support staff.

Primary Responsibilities
  • In-depth knowledge of each phase of the Incident Response life cycle
  • Expertise of Operating Systems (Windows/Linux) operations and artifacts
  • Understanding of Enterprise Network Architectures to include routing/switching, common protocols (DHCP, DNS, HTTP, etc), and devices (Firewalls, Proxies, Load Balancers, VPN, etc)
  • Ability to recognize suspicious activity/events, common attacker TTPs, perform logical analysis and research to determine root cause and scope of Incidents
  • Drive implementation and improvement of new tools, capabilities, frameworks, and methodologies
  • Instill and reinforce industry best practices in the domains of incident response, cybersecurity analysis, case and knowledge management, and SOC operations
  • Promote and drive implementation of automation and process efficiencies
  • Familiarity with Cyber Kill Chain and ATT&CK Framework and how to leverage in Security Operations
  • Provide guidance and mentorship to improve analyst skill sets and ensure delivery of high quality analysis and work products
  • Establish trust and business relationships with customer and other relevant stakeholders

Basic Qualifications
  • All Senior Incident Response Analyst candidates shall have a minimum of a bachelor's degree in Computer Science, Engineering, Information Technology, Cybersecurity, or related field PLUS eight (8) years of experience in incident detection and response, malware analysis, or cyber forensics.
  • Must have TS/SCI. In addition to specific security clearance requirements, all Department of Homeland Security SOC employees are required to obtain an Entry on Duty (EOD) clearance to support this program.
  • 4+ years of supervising and/or managing teams
  • 5+ years of intrusion detection and/or incident handling experience
  • CISSP and SANS GCIH or GCIA required upon start
  • Advanced knowledge in planning, directing, and managing Computer Incident Response Team (CIRT) and/or Security Operations Center (SOC) operations for a large and complex Enterprise
  • Significant experience supervising and leading employees of various labor categories and technical skill levels in efforts similar in size and scope to a mature Security Operation
  • Mature understanding of industry accepted standards for incident response actions and best practices related to SOC operations;
  • Strong written and verbal communication skills, and the ability to create technical reports based on analytical findings.
  • Strong analytical and troubleshooting skills.
  • Must be a US Citizen.

Preferred Qualifications
  • Deep technical understanding of core current cybersecurity technologies as well as emerging capabilities.
  • Hands-on cybersecurity experience (Protect, Detect, Respond and Sustain) within a Computer Incident Response organization including prior experience performing large-scale incident response.
  • Demonstrated understanding of the life cycle of cybersecurity threats, attacks, attack vectors and methods of exploitation with an understanding of intrusion set tactics, techniques and procedures (TTPs).
  • Familiarity or experience in Intelligence Driven Defense, Cyber Kill Chain methodology, and/or MITRE ATT&CK framework.
  • Familiarity with Cloud concepts and experience performing monitoring and responding to threats in Cloud environments

External Referral Bonus:Eligible

External Referral Bonus $:5000

Potential for Telework:No

Clearance Level Required:Top Secret/SCI

Travel:No

Scheduled Weekly Hours:40

Shift:Day

Requisition Category:Professional

Job Family:Cyber Operations

Pay Range:

Vacancy expired!

Report job