Computer Network Defense Security Engineer ( R-00055540 )
Ranked first in Government IT and systems integration, Leidos brings decades of experience leading large-scale mission-critical network IT programs. We’re looking for visionaries and enablers to help us deliver game changing results.
Leidos is seeking qualified candidates in a proposal effort to join our Engineering and Technical Support team, who will manage enterprise operations and deliver IT architecture modernization in support of the Department of the Navy. If awarded to Leidos, positions would be available in the Washington, DC Metro area and other locations across the US and abroad.
We offer competitive compensation, retirement and paid leave packages, health and wellness programs, career development trainings and certifications, income protection, employee stock purchase plans, and family benefits.
We are looking for top talented individuals with expertise and experience in:
Computer Network Defense Security Engineering
The Cyber Security Engineer will provide design, development, integration, implementation, operation and analysis of cyber security technologies.
Additionally, this candidate will provide support to ensure products and services comply with all appropriate Information Assurance policies/procedures, network defense requirements and best practices as prescribed by ODNI, DIA, DoD, DISA, Navy Cyber Defense Operations Command (NCDOC), NCIS, Intelligence Community-Incident Response Center (IC IRC), and local authorities.
Our Cyber Security Engineer will support protection activities and response actions for government Information Technology systems and will help ensure that all products and services delivered on this contract meet or exceed the security criteria specified by external authorities for computer network defense.
Must have an active Top Secret/SCI security clearance.
Bachelor's Degree in CS, IT, IA or related area of study and 8 or more years of concentrated experience in the CND discipline, or 15 or more years of relevant professional experience in those fields in lieu of a degree.
5 or more years' professional experience in the interpretation and implementation of the following policy documents: DoD Directive 8530.02M, Chairman Joint Chief of Staff (CJCS) Instruction 6510.01F, and CJCS Manual (CJCSM) 6510.01B.
3 or more years professional Project or Program Management experience.
6 or more years professional experience in the design, development, integration, implementation, operation, and analysis of cyber security technologies used within the Department of Defense (DoD) and Intelligence Community (IC), as well as knowledge of federal cyber security initiatives.
10 or more years professional experience with Local Area Network (LAN)/Wide Area Network (WAN) technologies, networking protocols (SSH, SMTP, DHCP, DNS, HTTP, etc.), TCP/IP, OSI model, file systems, ports, services and commands to include Windows and Unix/Linux (netstat, nbtstat, nslookup, ping, traceroute, mkdir, ls, chown, ipconfig, ifconfig, etc.).
Effective interpersonal, organizational, time management, writing/documentation, briefing skills with strong attention to detail.
Strong analytical, conceptual and problem solving skills.
Proven ability in communicating effectively with all levels of management, mission stakeholders and customers; developing/presenting presentations; conveying complex technical issues in business terms.
Proven ability in thinking outside the box by providing innovative, creative solutions to complex cyber security issues.
Proven ability in prioritizing, executing and completing tasks with little to no direction in a high-pressure environment.
Significant experience establishing and managing high performing CND teams with a continued focus on development in the areas of individual and team mentoring/building skills.
Significant experience utilizing Federal, DoD, IC, and industry standards in the creation of "best practices," manuals, and standard operating procedures.
Significant experience in the System/Software Development Life Cycle (SDLC) Process.
Significant experience in identifying and conducting research in emerging technologies and assessing their technical and performance characteristics.
Significant experience in writing technical documents addressing complex, sensitive issues.
Significant experience in the development and implementation of computer network defense tactics, techniques, and procedures (TTPs).
Significant experience in the proper classification, handling, and sanitization of classified material.
Significant experience in the engineering, testing, configuration/tuning, administration and operational use of Network Intrusion Detection/Prevention Systems (NIDPS), such as Cisco ASA, HP TippingPoint, McAfee IntruShield, and host-based intrusion detection/prevention such as McAfee ePO (HBSS).
Significant experience in the engineering, testing, configuration/tuning, administration and operational use of vulnerability management and assessment technologies such as eEye Retina and Tenable Nessus (ACAS).
Significant experience conducting vulnerability assessments using Retina, Tenable Nessus (ACAS), WASSP, or SECSCN and subsequent remediation of security control deficiencies.
Significant experience in the engineering, testing, configuration/tuning, administration and operational use of Security Information and Event Management (SIEM) systems, such as HP ArcSight and Splunk.
Expert knowledge of policies and processes related to Computer Network Defense (CND) implementation, execution, and management.
Expert knowledge of incident management lifecycle processes required for the identification, categorization, eradication, response, recovery, and mitigation of cyber security incidents and breaches.
Expert knowledge of network security architecture concepts, including topology, protocols, and components (e.g., application of defense-in-depth).
Significant knowledge of common adversary tactics, techniques, and procedures (TTPs) in assigned area of responsibility (e.g., historical country-specific TTPs, emerging capabilities).
Significant knowledge of virtualization technologies such as VMWare and VirtualBox.
Significant knowledge of common enterprise services such as domain controllers, print, email, DNS, and web servers.
Significant knowledge of network traffic packet captures with capabilities such as WireShark as well as analysis methodologies used with such capabilities.
Significant knowledge in identifying and classifying attack vectors, malware (detection and analysis), IDS/IPS rule/signature writing and countermeasure development.
Significant knowledge of firewall rules and routing rules.
Significant knowledge of forensic processes required for the collection, acquisition and analysis of forensic images and other data with tools such as EnCase Enterprise, EnCase CyberSecurity, LinEn, and netcat; recovery CDs (such as ERD Commander or Hiren); and Sysinternals tools.
Significant knowledge of penetration testing / Red Teaming tactics, techniques, and procedures, including phishing and the use of various tools such as Backtrack/Kali, SamuraiWTF, NMap, Burp Suite, sqlmap, and Metasploit.
Certifications: Per the requirements of the DoD Cyber Security Workforce Improvement Program, DoD 8570.01-M, prior to reporting on board, all Contractor personnel must possess one of the following industry certifications: GIAC Certified Intrusion Analyst (GCIA), Certified Ethical Hacker (CEH), Certified Network Defense Architect (CNDA), GIAC Certified Incident Handler (GCIH), Computer Security Incident Handler (CSIH), CISSP, or CASP.
Master's Degree in CS, IT, IA or related area of study.
ETS
External Referral Bonus: Ineligible
External Referral Bonus $:
Potential for Telework: No
Clearance Level Required: Top Secret/SCI
Travel: Yes, 10% of the time
Scheduled Weekly Hours: 40
Shift: Day
Requisition Category: Professional
Job Family: Security Architecture and Engineering
Pay Range: