Security Operations / Engineering Lead
Company: Leidos
Location: Gaithersburg
Posted on: January 26, 2023
Job Description:
The Leidos Civil Group has a current job opportunity for a Cyber SIEM SME.

POSITION SUMMARY:
Are you ready to join an impactful company? Leidos is a Fortune 500 technology, engineering, and science solutions and services leader working to solve the world's toughest challenges in the defense, intelligence, civil, and health markets. This position will perform Cyber SIEM SME engineering support on current and future SIEM products, ensure data feeds and application operation are maintained, and provide support to cyber security analysts in the development of analytics and other operational aspects of the SIEM product.

PRIMARY RESPONSIBILITIES:
- Provide engineering support for current and future SIEM products to ensure the SIEM is operational and cost efficient.
- Support cyber security analysts in the development of analytics using the SIEM, including support of SOC benchmarking.
- Train cyber security analysts on operation and higher-level usage of the SIEM.
- Lead threat hunting activities.
- Coordinate penetration testing, forensic analysis and vulnerability assessment activities.
- Report outages/issues with the SIEM that cannot be fixed locally and track to completion of fix action.
- Design, document, deploy, share, and support complex use-case content packages to adapt to current and future data feeds and sources. Content developed and implemented by the Administrator shall include business logic, naming conventions, categorization, prioritization, correlation rules, report templates, use cases, and dashboard / workflow authoring.
- Coordinate with other SIEM experts on the team across Leidos Civil and other operations centers to formulate and implement content-development best practices.

BASIC QUALIFICATIONS:
- Demonstration of leadership abilities, with effective verbal and written communications to both technical and executive stakeholders, and proven ability to lead during a crisis.
- Advanced critical-thinking and research skills, and experience with proactive threat hunting and mitigation beyond traditional detection methods.
- Bachelor's degree and 12+ years of prior relevant experience; additional work experience or cyber courses/certifications may be accepted in lieu of degree.
- In-depth knowledge of architecture, engineering, and operations of SIEM/SOAR solutions.
- CND experience (Protect, Detect, Respond and Sustain) within a Computer Incident Response organization.
- Demonstrated understanding of the life cycle of network threats, attacks, attack vectors and methods of exploitation, with an understanding of intrusion set tactics, techniques and procedures (TTPs).
- Strong SIEM experience.
- Advanced understanding of TCP/IP, common networking ports and protocols, traffic flow, system administration, the OSI model, defense-in-depth and common security elements.
- Demonstrated hands-on experience analyzing high volumes of logs, network data (e.g. NetFlow, Full Packet Capture), and other attack artifacts in support of incident investigations.
- Security certification such as CompTIA Security+ CE, ISC2 SSCP, or SANS GSEC prior to starting.
- Microsoft Azure Certification: Microsoft Security Operations Analyst or more advanced certification is required within 180 days of hire.
- Certification such as CEH, CySA+, GCIA or other certification is required within 365 days of hire.
- Demonstrated commitment to training, self-study and maintaining proficiency in the technical cyber security domain, and an ability to think and work independently.
- Must be a US Citizen.
- Must be able to obtain and maintain a security clearance, specifically DoD Secret or TS/SCI.

PREFERRED QUALIFICATIONS:
- Microsoft Sentinel experience.
- Advanced certifications involving operation, maintenance, and administration of at least one enterprise SIEM platform (e.g. Splunk, Elastic/Kibana).
- Unix/Linux command line experience.
- Scripting and programming experience.
- Motivated self-starter with the ability to create complex technical reports on analytic findings.
- Experience and proficiency with any of the following: Anti-Virus, HIPS/HBSS, IDS/IPS, Full Packet Capture, Network Forensics.
- Familiarity or experience with Intelligence Driven Defense and/or Cyber Kill Chain methodology.

Pay Range:
$118,300.00 - $182,000.00 - $245,700.00

The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.