Job Details
Endpoint Security Analyst ( R-00081680 )
Description
Job Description:Leidos has an immediate need for an experienced Endpoint Security Analyst for a new customer on a highly-visible and strategic Cybersecurity Task Order. The Endpoint Security Analyst will be responsible for conduct host-based defensive cyber operations using endpoint detection and response (EDR) products, as well as anti-malware tools and other endpoint security controls. The ideal candidate is a self-starter with excellent analytical and problem-solving skills, flexibility, good judgment, and the ability to work within a team to stand up and mature the cybersecurity capabilities of our customer
Primary Responsibilities:
Deploying, configuring, operating, monitoring, tuning, upgrading, and troubleshooting endpoint security tools
Coordinating and assisting engineering with the deployment and centralization of an approved malware protection tool across multiple FISMA systems
Utilize approved tools to scan, identify, contain, mitigate and remediate vulnerabilities, and intrusions
Coordinating with engineering to develop and implement plans to apply patches, hot fixes, and other critical updates as needed
Build queries, dashboards, and reports for enterprise and leadership awareness
Troubleshoot endpoint tool issues and outages
Develop and maintain policies and tasks for all related endpoint products
Develop Standard Operating Procedures (SOPs) for the operation and maintenance of endpoint security tools
Performs analyses to validate established security requirements and to recommend additional security requirements and safeguards
Researches, evaluates and recommends new security tools, techniques, and technologies and introduces them to the enterprise in alignment with IT security strategy
Basic Qualifications
Department of Homeland Security (DHS) Entry on Duty (EOD) is required to support this program
BS degree in Science, Technology, Engineering, Math or related field and 4+ years of prior relevant experience with a focus on cybersecurity
Prior Experience deploying Endpoint Security Solutions (ESS) including Mcafee ePO, Crowdstrike, Microsoft Defender, and Sophos.
Strong foundational security knowledge, specifically in large and complex organizations
Understanding of current security threats and other challenges, as well as frameworks like MITRE ATT&CK
At least one of the following certifications:
SANS GCIA, GCIH, GCFA, GCFE, GREM, GISF, GXPN, GWEB, GNFA, GMON
Offensive Security: OSCP, OSCE, OSWP, OSEE
ISC2: CCFP, CISSP
EC Council: CEH, CHFI, LPT, ECSA, ECIH
A desire to learn, combined with a collaborative work style and strong personal work ethic
Strong communication and presentation skills, both verbal and written
Preferred Qualifications
Certifications in relevant security products would be beneficial (e.g., Tanium Certified Operator / Administrator, CrowdStrike Certified Falcon Administrator / Responder / Hunter
Experience deploying, configuring, and maintaining McAfee point products such as VirusScan Enterprise, Rogue System Detection (RSD), Policy Auditor (PA), Data Loss Prevention (DLP) / Device Control Module (DCM)
Experience deploying and configuring Crowdstrike Falcon Prevent sensors on endpoints
Experience with creating and implementing custom IOCs and IOAs in Crowdstrike
Experience with triaging and investigating hosts using Crowdstrike