Security Computer and Forensics Investigator – Computer and Network Security Investigator TS/SCI with POLY Required ( R-00072454 )
Why wake up every day and want more when YOU CAN HAVE IT? Do you love KNOWING at the end of each day that your work made a difference? Have you ever wondered what it would be like to work with one of the BEST in government contracting? Ranked by Forbes in 2018 as a Top 100 government contractor and one of the World’s Most Ethical Companies, Team Leidos is one you don’t want to overlook.
Everything we do is built on a commitment to do the right thing for our customers, our people, and our community. We embrace and solve some of the world's toughest challenges. We’re focused on ensuring our intelligence customers have the right tools, technologies, and tactics to keep pace with an ever-evolving threat landscape and succeed in their mission to protect people and critical assets around the world. Who wouldn’t be fulfilled being part of that every day? We know once you join Team Leidos, you are sure to go home at the end of every day knowing YOU MADE A DIFFERENCE, resulting in one of the most REWARDING careers you could have imagined. WE WANT YOU!!
Computer and Network Security Investigators: conduct administrative investigations (i.e. computer misuse, unauthorized disclosures of sensitive or classified information, mishandling sensitive or classified information, etc.); provide computer and network forensic analysis support to SII and Agency investigators; directly support the NGA Cyber Security Operations Cell (CSOC) during responses to computer and network security incidents; and perform other duties as assigned.
- Investigate suspected instances of fraud, waste and abuse, data spills, and network penetrations.
- Investigate and eradicate computer viruses and malicious code.
- Provide computer incident and violation response support, and cyber security awareness and training.
- Participate in technical meetings and working groups to address issues related to computer security and vulnerabilities.
- Develop and deliver reports and briefings.
- Evaluate system and program security vulnerabilities; develop procedures and countermeasures that protect operations.
- Incorporate all security disciplines; recommend and develop requirements, specifications, designs, and procedures that satisfy program security policy and planning guidance.
- Monitor implementation of security requirements for Government and Industry facilities and systems.
- Forensic: uses a variety of forensics and intrusion detection tools to conduct forensic examination activities including assisting in the analysis of various types of network, computer and technology devices which may contain digital evidence.
- Provide computer incident and violation response support, and will participate in technical meetings and working groups to address issues related to computer security, protection against malware, and other vulnerabilities.
- Investigate alerts identified by various security appliances and review audit logs to determine if an incident has occurred.
- Use best practices to document and preserve digital evidence for legal proceedings.
All applicants must have an active TS/SCI clearance and agree to undergo a Polygraph examination to be considered for this position.
BA/BS in Engineering, Computer Science or related science field preferred. A minimum of 7 years' experience in computer science, software engineering, information security fundamentals or general IT. Additional relevant experience in lieu of degree may be considered.
Years of experience: Minimum 5 years of technical experience working in a client/server environment. The applicant should have knowledge in the proper use of computer forensics and security compliance tools, and experience conducting network based incident investigations. The applicant should have experience with Guidance Software toolsets to include EnCase Forensics and EnCase Enterprise, and have demonstrated understanding of client/server architecture and TCP/IP protocols. The applicant should have knowledge of modern Windows Server platforms and desktop operating systems. The applicant should have experience maintaining "chain of custody" by following standard rules of digital evidence. The candidate should have an in-depth working knowledge in DOD and IC intelligence regulations, be familiar with intelligence oversight principles, must possess superior writing and briefing skills, and be capable of providing polished analysis documentation.
Preferred Qualifications: Have an understanding of how various attacks work at the memory and register level. Experience with UNIX/Linux operating systems and various programming and scripting languages are desired. Experience utilizing Microsoft SQL server, BindView and ArcSight would be beneficial. Proficiency using MS-Office tool suite is desired, as is knowledge of all Microsoft Office Suite applications and uses. Prior experience with network intrusion is desired. Experience authoring and executing plans and programs at the headquarters or agency level is beneficial.Pay Range: