Lead Cyber Security Analyst ( R-00072119 )
Leidos is a Fortune 500™ company aimed at embracing and solving some of the world’s most pressing challenges. Through science and technology, Leidos makes the world safer, healthier and more efficient.
Our Civil Group offers an array of exciting career opportunities for the best IT, energy, logistics and engineering professionals. Driven by our talented workforce, the Federal Energy, Environment and Commerce Operation builds trust through an array of energy-related IT, environmental science and engineering solutions to meet our customers’ needs.
Command & Control
The candidate will rely on their cybersecurity background to support our customers in meeting the DOE requirements set forth in our contracts.
Rely on their cybersecurity and technical background to perform security analysis of operational and development environments, threats, vulnerabilities and internal interfaces to define and assess compliance with accepted government standards.
Contribute to the Risk Managed Framework (RMF) for new and existing information systems, to include facilitating Memorandums of Understanding (MOU), Interconnection Security Agreements (ISA), Risk Acceptance Letters (RAL) and Continuous Monitoring.
Conduct compliance review of operating systems (i.e., Windows, Linux) to governing requirements.
Assess test/analysis data to document state of compliance with security requirements;
Conduct network monitoring, risk assessments and investigations; assist subject matter experts with executing appropriate risk mitigations, and incident response activities.
Interface with the appropriate customers, and company personnel to implement protective mechanisms and to ensure understanding of and compliance with cybersecurity requirements.
Communication Skills: The candidate should have demonstrated leadership qualities, strong verbal/written communication skills, communicate clearly at both one-on-one and group levels, communicate with team leaders, managers and internal employees in the decision-making process to obtain needed information, make the most appropriate decisions, and ensure buy-in and understanding of resulting decisions.
Task Management Skills: The candidate is expected to proactively determine project or assignment requirements by breaking them down into tasks and identifying types of equipment, materials needed. The candidate consistently and proactively identifies more critical and less critical activities and assignments and effectively adjust priorities when appropriate.
Team Coordination Skills: The candidate is expected to set high expectations for oneself, has the courage to raise the bar continuously. The candidate holds oneself and others accountable for continuous improvement and communicates expectations directly, openly and effectively. The candidate conveys sense of purpose and mission that motivates others, maintains direction, and balances big-picture concerns with day-to-day issues. The candidate guide others in creating relevant options for addressing problems/opportunities and achieving desired outcomes.
Base of Knowledge Skills: The candidate must have complete knowledge of verification, validation, certification and qualification processes and procedures, including knowledge of current governing regulations and compliance requirements; advanced level of understanding and proficiency in the use of networking computing hardware and software applications; extensive knowledge of processes and tools needed to maintain, archive, and retrieve digital files; as it relates to cybersecurity, ability to read and understand contracts, Statements of Work.
Education & Certifications:
Bachelor’s degree in an IT related subject matter area from an accredited college or university and seven years of experience in an IT related position with at least five years being in an operational cyber security specific role (e.g., information system security manager, information system security officer, cyber security specialist) or have ten years of experience in an IT related position with at least seven of those years in an operational cyber security specific role
Possess a Certified Information System Security Professional (CISSP), Certified Information Security Manager (CISM), or similar professional certification
Experience & Requirements:
Security Clearance: Candidate must be able to secure and maintain a DOE Q Clearance. Position is contingent upon clearance verification and program/customer concurrence.
Experience with policies and implementation of Risk Management Framework (RMF): DOE and NIST 800 series required publications.
Experience in assessing and documenting test or analysis data to show cybersecurity compliance.
Demonstrated knowledge of processes and tools to maintain, archive, sanitize, and retrieve digital files.
Demonstrated knowledge with security relevant tools, systems, and applications in support of RMF to include: NESSUS, SPLUNK, Crowdstrike, Cisco ESA& WSA, Acunetix, etc.
Demonstrated experience with performing security compliance monitoring and security policy assessments/audits.
We value and support the well-being and mobility of our employees with competitive benefit packages, complementary e-learning training, work-life flexibility, an exciting External Referral Program, and a diverse, inclusive and ethical work place. In fact, in 2020, Leidos was ranked as one of the “World's Most Ethical Companies” by the Ethisphere Institute for the third consecutive year.Pay Range: