Leidos has a current job opportunity for a Cyber Security Analyst. This position is located in Pearl Harbor, HI. This is a 24X7 operation supporting DISA PAC requiring rotating shift work.
Maintain integrity and security of enterprise-wide cyber systems and networks. Coordinate resources during enterprise incident response efforts. Employ advanced forensic tools and techniques for attack reconstruction. Support internal investigations as forensic SME. Perform network traffic analysis as it pertains to the cyber security of communications networks. Review threat data and develops custom signatures for Open Source IDS or other custom detection capabilities. Correlate actionable security events from various sources. Understand attack signatures, tactics, techniques and procedures associated with advanced threats. Develop analytical products fusing enterprise and all-source intelligence. May conduct malware analysis of attacker tools and reverse engineer attacker encoding protocols.
- Member of the Network Assurance (NA) Team (DISA GSM-O program).
- Lead/support NA Activities within PACOM.
- Work closely with Govt counterparts to provide guidance within the CND-SP area.
- Provide CND reports, trends, responses, mitigations, analysis & information dissemination.
- Provide C2 support, situational awareness support, and provide leadership & support for all CND applicable activities within Protect, Detect, Respond, and Sustain.
- Support teams within a performance-based environment with pre-determined Acceptable Levels of Performance (ALP’s).
- Support the development, documentation and tracking of measurements & metrics relevant to the ALP’s.
- Candidate interfaces with Govt counterparts, both CONUS & OCONUS, along with Leidos and sub team members.
- Work as a technical leader within the CNDSP Team, responsible for maintaining the integrity & security of enterprise-wide systems & networks.
- Provide technical leadership to CND Teams supporting security initiatives through predictive & reactive analysis, and by articulating emerging trends to leadership & staff.
- Perform network traffic analysis utilizing raw packet data, net flow, IDS, IPS and custom sensor output, as it pertains to the cyber security of communications networks
- Correlate actionable security events from various sources, including Security Information Management System (SIMS) data & develop unique correlation techniques
- Utilize knowledge of attack signatures, tactics, techniques and procedures to aid in the detection of Zero-Day attacks Response.
- Interface with external entities including law enforcement, intelligence community & other government agencies •Provide limited analysis of incidents for the customers by determining the incidents‘ nature and formulating responses; identifying & providing the ability to surge during emergencies; correlating event & incident data; determining possible effects on the DISN, customer networks & other organizations.
- Review threat data from various sources & aid in the development of custom signatures for Open Source & COTs IDS.
- Assess server security posture.
- Ensure security plan compliance.
- Ensure configuration changes do not adversely impact the server security.
- Implement Vulnerability Mgmt System (VMS) and IAVA compliance.
- Monitor servers.
- Provide user administration & logistics support.
- Install, configure & monitor CND security-relevant network components.
- Perform infrastructure monitoring and performance assessment & new req analysis and support.
- Provide support to serviced components & appropriate Govt oversight entities by implementing DoD-wide Red Team: notifications, reports, assessments, coordination, information collection, performance measurement, reqs identification, & feedback.
- Monitor the implementation of IAVAs.
- De-conflict component & information specific IAVA guidance.
- BS and 4+ years of prior relevant experience (exceperience may be substituted in lieu of a degree).
- Must have active Top Secret Clearance with ability to obtain TS/SCI.
- Must hold DoD-8570 IAT Level 2 baseline certification (Security+ CE, CISSP or equivalent).
- Must have experience supporting and/or leading CND or related teams.
- Must have experience working CND duties (e.g., Protect, Defend, Respond, and Sustain).
- Must have experience working with DoD / Government Leaders at all levels.
- Must have strong communication skills (both written and verbal).
- IAM Level III Certification (GSLC, CISM, CISSP).
- At least one other IA certification completed, i.e., SSCP, CSIH, GCIA, GCIH or CEH.
- UNIX Administrative skills.
- Command Line Scripting skills (PERL, python, shell scripting) to automate analysis task.
- Knowledge of hacker tactics, techniques and procedures (TTP).
- Be able to conduct malware analysis.
- Demonstrated hands on experience with various static and dynamic malware analysis tools.
- Knowledge of advanced threat actor tactics, techniques and procedures (TTP)
- Understanding of software exploits.
- Ability to analyze packed and obfuscated code.
- Comprehensive understanding of common Windows APIs and ability to analyze shellcode.
External Referral Eligible