Security Information and Event Management (SIEM) Specialist (R-00058199)
Leidos is a FORTUNE 500 company bringing a mix of innovative technology and sector expertise to customers in the national security, engineering, and health industries. Leidos is seeking a Computer Security Systems Specialist to provide Security Information and Event Management (SIEM) support as part of a team supporting the Defense Information Security Agency (DISA) at Joint Base Pearl Harbor-Hickam, Hawaii. This is a full-time, on-site position.
The Computer Security Systems Specialist is responsible for tasks on contract related to the UCSA On-Site Support. Under general supervision, analyzes and defines security requirements for Multi Level Security (MLS) issues. Designs, develops, engineers and implements solutions to MLS requirements. Gathers and organizes technical information about an organization's mission goals and needs, existing security products and ongoing programs in the MLS arena. Performs risk analyses, which also includes risk assessment. Provides technical support for secure software development and integration tasks, including reviewing work products for correctness and adhering to the design concept and to user standards. Knowledgeable of Security/IA products such as PKI, VPN, firewalls, and intrusion detection systems. Analyzes and recommends resolution of security/IA problems on the basis of knowledge of the major IA products and services, an understanding of their limitations, and knowledge of the IA disciplines.
- This position supports UCSA Pacific On-Site SIEM Support Task.
- Integration of security architecture & engineering efforts into the information technology life-cycle. Integrates security concepts, controls, and mechanisms into the design and architecture phases to produce a reliably secure product.
- Architecture, engineering, implementation, integration, maintenance and improvement of systems to meet specific requirements for building software/hardware components and supporting technical infrastructure.
- Technical planning, technical design, development and integration, verification and validation.
- Provide on-site SIEM support to each cyber operational stakeholder team during regular business hours at the specified location. The on-site support shall function as the embedded Subject Matter Expert at their operational location for current and future UCSA tools. Provide all on-demand response to the cyber analyst teams to create dynamic analytics, visualizations and analytic capabilities while providing testing and training support and supporting critical mission needs. Maintain relevant advanced user certifications of products that are within the suite of UCSA tools, within 90 days of contract award. The number and type of advanced user certifications will be based upon operational need.
- Work directly with the analysts and stakeholders at each operational location to investigate questions raised by operations personnel to help improve operational effectiveness of the tools inside of the UCSA environment. Support decomposition of requirements and use cases from the operational users/stakeholders and provide support to standardize content and tool development across the user community. Evaluate any user developed scripts or visualizations for correct design and performance optimization.
- Advise the UCSA Business Relationship Manager on operational practices, processes and policies and how they can/may influence program actions, and advise the UCSA PM on how project plans and actions will/may affect operations. Assist in conveying information to/from the end users in developing/deploying any corrective actions.
- Maintain a repository of all developed analytics in a centralized location approved by the government to allow for collaboration between the operational stakeholders and reduced duplication of efforts.
- Prepare requirements list and software code and associated documentation deliverables.
- BA/BS in a technical discipline with at least 5 years of experience; additional experience may be considered in lieu of a degree.
- Qualified IA personnel IAW DoDD 8570 and DoDD 8140, minimum of IAT II.
- Demonstrated expertise in Federal Government Network Management is absolutely necessary.
- SIEM experience.
- Splunk experience.
- Active Secret Clearance Required with ability to obtain a Top Secret
- US Citizen
- Experience with DISA Network Enclaves
- Regex experience
- Proficient in Python