Job Details
Technical Lead/Cyber Security SME
Description
Job Description:
No two career paths will ever look the same. At Leidos, we know the most talented and diverse IT and cyber security professionals will always have a multitude of career choices; your time at Leidos will be a wise investment in your career and in yourself. We welcome your perspective and ideas, in order to foster collaboration and deliver world-class solutions. We look for solutions that not only transform businesses, but change the world.
Leidos is seeking a Security Operations Center (SOC) Technical Lead/Cyber Security SME to support a federal customer within the Department of Homeland Security, Immigration and Customs Enforcement (ICE) Security Operations Center (SOC).
Primary Responsibilities:
- Provides subject matter expertise on enterprise information security architecture as applied to the organization's overall security strategy.
- Advises program on overall risk levels and security posture.
- Serves as an internal consultant and advisor in own area(s) of expertise (e.g., technology, tools, standards, best practices, processes, etc.).
- Manages and conducts hands-on technical analysis as a supplement to the Incident Response and Forensics Teams during high-visibility or high-workload investigations.
- Serves as a contractual “Task Lead” with supervisory responsibilities over technical teams.
- Guides and mentors multiple team leads across a number of cyber security technical disciplines, including SIEM, network assurance, host assurance, web assurance, etc.
- Provides subject matter expertise in the development of cyber operations specific indicators measuring success and attainment of team goals and objectives.
- Articulates daily challenges to the Program Manager to support SOC development and growth.
- Interprets and advises on patterns of noncompliance with program standards and adherence to industry best practices to determine their impact on levels of risk and/or overall effectiveness of the team’s cyber security mission and objectives.
- Interprets and advises on appropriate application of laws, regulations, policies, standards, or procedures to specific issues.
- Develops short-term and strategic training events for the assigned team.
Basic Qualifications
- Bachelor’s Degree in computer science, telecommunications, or a related technical field, and 12 years of prior relevant experience, or Master’s with 10 years of prior relevant experience. Must have a minimum of a DoD Secret Clearance and, in addition, must be able to obtain a DHS ICE EOD as well.
- Bachelor’s Degree in Computer/Engineering Science, Information Systems, Cybersecurity, or related field preferred
- 3-5 years of work experience in Cybersecurity engineering
- Experience with developing/integrating cybersecurity designs for systems and networks
- Experience with documenting and addressing organizational information security, cybersecurity architecture, and systems security engineering requirements
- Experience with developing system security context and a preliminary system security CONOPS, and with defining baseline system security requirements in accordance with applicable cybersecurity requirements
- Experience with documenting the protection needs (i.e. security controls) for information system(s) and network(s)
- Ability to perform security reviews, identify gaps in security architecture, and develop a security risk management plan
- Ability to develop a system security context, a preliminary system security CONOPS, and define baseline system security requirements in accordance with applicable cybersecurity requirements
- Experience with vulnerability scanning tools, including those supporting operating system, web application, and database assessments
- Skill in translating operational requirements into protection needs (i.e. security controls)
- Security Information & Event Management (SIEM) work experience
- Hands-on experience with Windows/Linux operations to include configuration, maintenance, and management
- Cybersecurity Certifications: At least one of the following: CISSP, CCSP, CCNA, CISSP-ISSAP, CISSP-ISSEP, GIAC, SSCP, Security+ (or equivalent as approved by the Government)
- Secret Clearance (Eligible)
Preferred Qualifications
- Ability to execute technology and/or tool automation processes.
- Ability to optimize systems and/or tools to meet enterprise performance requirements.
- Technical (hands-on) experience with Cyber Security Incident Handling, Malware Analysis, Security Monitoring, Cyber Security Compliance, Cyber Security Risk assessments, and technical procedure documentation
- Knowledge of operations testing and evaluation methods as they relate to the Cyber Security area of expertise.
- Experience managing a technical team in an operational environment (SOC considered a plus)
- Experience in network and cyber security design, engineering and operations
- Experience with NIST SP 800 series or ISO 27000 series documents for information security management and risk assessment
- Understanding of DevOps/Agile concepts and processes