Cyber Security Analyst Security Clearance

Position: Cyber Security Analyst with Security Clearance
R
- Description Leidos has a current job opportunity for a Cyber Security Analyst on the DISA GSM O-II   program in  Arlington, VA - this position is 100% on-site and applicants must be willing to support rotating shift work.

POSITION SUMMARY:

This position provides 24x7 cybersecurity monitoring   and analysis   services for Department of Defense networks   above the SECRET level . This includes performing   real-time   cyber threat intelligence analysis, correlating actionable security events, performing network traffic analysis using raw packet data, and   participating   in the coordination of resources during the incident response process .

PRIMARY RESPONSIBILITIES:

* Review DoD and   open-source   intelligence for threats   and to   identify   Indicators of Compromise (IOCs) and integrate those into sensors and SIEMs   
* Utilize alerts from endpoints, IDS/IPS,   netflow , and custom sensors to   identify   compromises o n customer networks/endpoints     
* Review massive log files, pivot between data sets, and   correlate   evide nce for incident investigations   
* Triage alerts to   identify   malici ous actors on customer networks   
* Report incide nts to customers and USCYBERCOM

BASIC QUALIFICATIONS:

* Active DoD Top Secret security clearance with SCI eligibility required for consideration.
* Bachelors   Degree   and 4+ years of   prior relevant experience;
additional   work experience or Cyber courses/certifications may be substituted in lieu of a degree.

* Demonstrated understanding of TCP/IP, common networking ports and protocols, traffic flow, system administration, OSI model, defense-in- depth   and common security elements.

* Motivated self-starter with strong written and verbal communication skills, and the ability to create complex technical reports on analytic findings   
* DoD 8570 IAT level II or higher certification such as CompTIA Security+ CE, ISC2 SSCP, SANS GSEC prior to starting.

* DoD 8570 CSSP-A level Certification such as CEH,   CySA +, GCIA or other   certification is   required   within 180 days of hire.

* Demonstrated commitment to training, self-study and   maintaining   proficiency   in the technical cyber security domain and an ability to think and work independently     
* Strong analytical and troubleshooting skills   
* Willing to perform shift work   
* Must be a US Citizen

PREFERRED QUALIFICATIONS:

* CND experience (Protect, Detect, Respond and Sustain) within a Computer Incident Response organization.

* Demonstrated understanding of the life cycle of network   threats , attacks, attack   vectors   and methods of exploitation with an understanding of intrusion set tactics,   techniques   and procedures (TTPs).

* Advanced understanding of TCP/IP, common networking ports and protocols, traffic flow, system administration, OSI model, defense-in- depth   and common security elements.

* Demonstrated hands-on experience analyzing high volumes of logs, network data ( e.g.
Splunk,   Suricata, Zeek , Full Packet Capture), and other attack artifacts in support of incident investigations.

* In-depth knowledge of architecture, engineering, and operations of at least one enterprise SIEM platform ( e.g.
Splunk   ES ,   Core Light /Elastic ).

* Experience and   proficiency   with any of the following:
Splunk , Suricata, Zeek , Full Packet Capture, Network Forensics , Endpoint Security.

* Experience with malware analysis concepts and methods.

* Unix/Linux command line experience.

* Scripting and   or   programming experience   to write Suricata and Zeek rule sets .

* Motivated self-starter with strong written and verbal communication skills, and the ability to create complex technical reports on analytic findings.

* Familiarity or experience in Intelligence Driven Defense and/or   Mitre   ATT&CK, and/or   Cyber Kill Chain methodolog ies .

* Existing 8570   CSSP   Analyst Certifications (CEH) ,   CySA + etc .
If you're looking for comfort, keep scrolling. At Leidos, we outthink, outbuild, and outpace the status quo — because the mission demands it. We're not hiring followers. We're recruiting the ones who disrupt, provoke, and refuse to fail. Step 10 is ancient history. We're already at step 30 — and…