Senior Incident Response Analyst - Cyber Security Operations Center
Company: Leidos Inc
Location: Washington
Posted on: September 3, 2024
Job Description:
Description Leidos has a current job opportunity for a Senior
Cybersecurity Analyst with a strong incident response / SOC
background to join the DISA GSM-O program at the Pentagon. Our team
provides 24x7 cybersecurity monitoring services for Joint Service
Provider networks. This includes performing real-time cyber threat
intelligence analysis, correlating actionable security events,
performing network traffic analysis using raw packet data, and
participating in the coordination of resources during the incident
response process.This position will work core hours (roughly
8am-5pm, with some flexibility) and an active TS/SCI security
clearance is required to start.Primary Responsibilities:
- Utilize state-of-the-art technologies such as host forensics
tools (FTK/Encase), Endpoint Detection & Response tools
(MDE/Trellix), log analysis (Splunk), SIEM (Elastic/XSOAR) and
network forensics (full packet capture solution) to perform hunt
and investigative activity to examine endpoint and network-based
data.
- Conduct malware analysis, host and network, forensics, log
analysis, and triage in support of incident response.
- Recognize attacker and APT activity, tactics, and procedures as
indicators of compromise (IOCs) that can be used to improve
monitoring, analysis and incident response.
- Develop and build security content, scripts, tools, or methods
to enhance the incident investigation processes.
- Lead Incident Response activities and mentor junior SOC
staff.
- Work with key stakeholders to implement remediation plans in
response to incidents.
- Effectively investigative and identify root cause findings then
communicate findings to stakeholders including technical staff, and
leadership.Basic Qualifications:
- Must have an active DoD TS/SCI security clearance
- Must have a current DoD 8570 IAT level II or higher
certification prior to starting (ex: CompTIA Security+ CE, ISC2
SSCP, SANS GSEC or equivalent)
- Must have a current DoD 8570 CSSP-A level certification prior
to starting (ex: CEH, CySA+, GCIA or equivalent)
- Bachelor's degree and 8+ years of prior relevant experience;
additional work experience or Cyber courses/certifications may be
substituted in lieu of degree.
- 5+ years of experience in the areas of incident detection and
response, malware analysis, or computer forensics.
- Motivated self-starter with strong written and verbal
communication skills, and the ability to create and present complex
technical reports on analytic findings
- Demonstrated understanding of the life cycle of network
threats, attacks, attack vectors and methods of exploitation with
an understanding of intrusion set tactics, techniques and
procedures (TTPs).
- Demonstrated commitment to training, self-study and maintaining
proficiency in the technical cybersecurity domain and an ability to
think and work independently
- Strong analytical and troubleshooting skills.
- Willing to perform shift work, including weekend hours, if
needed.Preferred Qualifications:
- Demonstrated hands-on experience analyzing high volumes of
logs, network data (e.g. Netflow, Full Packet Capture), and other
attack artifacts in support of incident investigations.
- In-depth knowledge of architecture, engineering, and operations
of at least one enterprise SIEM platform (e.g. ArcSight, Splunk,
Nitro/McAfee Enterprise Security Manager, QRadar, LogLogic).
- Experience and proficiency with any of the following:
Anti-Virus, HIPS/HBSS, IDS/IPS, Full Packet Capture, Network
Forensics.
- Experience with malware analysis concepts and methods.
- Unix/Linux command line experience.
- Scripting and programming experience.
- Motivated self-starter with strong written and verbal
communication skills, and the ability to create complex technical
reports on analytic findings.
- Familiarity or experience in Intelligence Driven Defense, Cyber
Kill Chain methodology, and/or MITRE ATT&CK framework.Original
Posting Date:2024-08-01While subject to change based on business
needs, Leidos reasonably anticipates that this job requisition will
remain open for at least 3 days with an anticipated close date of
no earlier than 3 days after the original posting date as listed
above.Pay Range:Pay Range $101,400.00 - $183,300.00The Leidos pay
range for this job level is a general guideline onlyand not a
guarantee of compensation or salary. Additional factors considered
in extending an offer include (but are not limited to)
responsibilities of the job, education, experience, knowledge,
skills, and abilities, as well as internal equity, alignment with
market data, applicable bargaining agreement (if any), or other
law.
Keywords: Leidos Inc, Washington DC , Senior Incident Response Analyst - Cyber Security Operations Center, Professions , Washington, DC
Didn't find what you're looking for? Search again!
Loading more jobs...