Job Details
Leidos
Threat Detection Engineer/Content Developer
Description
Job Description:
Leidos currently has an opening for a Content Developer to support our team on a high visibility and strategic Cybersecurity Task Order. This role will require work with a more senior Content Developer and DHS NOSC staff to provide customer stakeholders with customized reporting
Primary Responsibilities
Perform critical thinking and analysis to investigate cyber security alerts
Analyze network traffic using enterprise tools (e.g. Full PCAP, Firewall, Proxy logs, IDS logs, etc)
Collaborate with team members to analyze an alert or a threat
Stay up to date with latest threats
Work collaboratively with customer and other team members to prioritize work and deliver timely results
Contribute to content tuning to increase alerting accuracy for customer systems.
Basic Qualifications
Bachelor of Science in Cybersecurity or related field and 2+ years of relevant experience
A DHS 5C Suitability EOD is required
Experience as an analyst in a Security Operations Center
Experience with Splunk ES conducting enterprise monitoring and detection
Experience with Splunk Data models and CIM
Security+, Network+, CASP, CEH, or other cybersecurity certification
Preferred Qualifications
Thorough understanding of SIEM integration and data onboarding activities to include routing, parsing, and normalizing to Common Information Model (CIM)
Experience developing Dashboards in Splunk
Familiar with Azure cloud logs
Splunk certifications
Completed Splunk Advance Searching and Reporting training