Network Security Engineer (R-00061399)
The Global Solutions Management-Operations II (GSM-O II), a Defense Group of Leidos, has an opening for a Network Security Engineer supporting the Joint Communications Support Element (JCSE), MacDill AFB, FL.
Provide system administrator (e.g., Linux, Windows, Firewalls, Intrusion Prevention/Detection Systems, End Point Security) support installing, operating, maintaining, troubleshooting, administering, and cybersecurity hardening of operating systems on both the classified and unclassified systems (SIPR and NIPR).
Utilize formal network security monitoring policies and procedures that include the appropriate use of DoD-approved IDPS tools that have automated alert capabilities enabled.
Perform Detection (Monitoring and Analysis) activities on the JCSE using Intrusion Detection System/Intrusion Prevention System sensors (IDS/IPS).
Follow documented procedures for characterizing anomalous events detected by sensors and other network monitoring systems.
Review and analyze logs in a timely manner to detect intruders.
Provide notice of suspicious/malicious network traffic or similar activities that suggest an impending or ongoing attack.
Search for distributed, long-term, coordinated, low-visibility network-based attacks to identify possible unauthorized activity utilizing exploratory problem-solving or self-learning techniques. Suspicious/significant activity will be shared among the CND/IA community.
Report potential incidents and correlated information from these incidents/events that occur on sensors using documented procedures in accordance with DoD guidance.
Document and escalate incidents.
BS degree and 4-8 years of prior relevant experience.
CSSP Analyst (CEH, CFR, CCNA Cyber Ops, CCNA-Security, CySA+, GCIA, GCIH, GICSP, Cloud+, SCYBER, PenTest+)
DoD 8140 (Previously 8570), IAT Level II (SEC+ or equivalent) certification
Must have a current DoD Secret clearance prior to start.
Familiarity with MITRE ATT&CK, cyber kill chain, and models such as the Diamond model.
Experience in DoDIN Whitelisting/Blacklisting and Global architecture and data flows to/from the Internet into AOs.
Understanding of DoD's boundaries plus DoD's ports, protocols, and services policy.
Familiar with RMF and DoD's Assessment and Accreditation process.
GSMO
External Referral Bonus: Eligible
External Referral Bonus $: $3000
Potential for Telework: No
Clearance Level Required: Secret
Travel: No
Scheduled Weekly Hours: 40
Shift: Day
Requisition Category: Professional
Job Family: Cyber Operations
Pay Range: