Mid-level Automation Engineer ( R-00085120 )
Do you want to grow your career and be part of a team solving critical challenges that affect the world? Then Leidos is the place for you!
The Department of Homeland Security (DHS), Customs and Border Protection (CBP) Security Operations Center (SOC) is a US Government program responsible to prevent, identify, contain and eradicate cyber threats to CBP networks through monitoring, intrusion detection and protective security services to CBP information systems including local area networks/wide area networks (LAN/WAN), commercial Internet connection, public facing websites, wireless, mobile/cellular, cloud, security devices, servers and workstations.
The CBP SOC is responsible for the overall security of CBP Enterprise-wide information systems, and collects, investigates and reports any suspected and confirmed security violations.
Leidos has an immediate need for Automation Engineer to join our CBP Team. The ideal Automation Engineer is someone who is process driven, efficient, and strives to remove tedium from daily workflows. The SOAR Developer will:
Author, test, and maintain automation scripts/workflows within SOAR platform
Design, implement, and maintain efficient and reusable Python code
Review, debug, and resolve technical issues throughout all stages of SDLC
Integrate SOAR platform with other security tools and APIs to execute automated workflows
Coordinate with System Administrators, Engineers, and ISSOs to provision service accounts and/or grant required permissions
Assist with process development and process improvement for Security Operations to include creation/modification of SOPs, Playbooks, and Work instructions
Measure effectiveness of process improvement and automation efforts via metrics and KPIs
The ideal candidate will have the following qualifications:
Have expert proficiency with Python
Experience with SOAR platforms such as Swimlane, Phantom, Demisto, etc
Experience as a SOC Analyst and/or Incident Responder
Authored SOC SOPs, playbooks, work instructions and/or other process documents
Familiarity with Splunk Search Processing Language (SPL) and/or Elastic Domain Specific Language (DSL)
General networking knowledge to include operation of routers, firewalls, DNS, DHCP, subnetting, VPN and Web Proxies
All CBP personnel must have a current or be able to favorably pass a 5 year background investigation (BI).
BS degree in Science, Technology, Engineering, Math or related field and 8 years of prior relevant experience with a focus on Cyber security
Should have 2 years of experience serving as a SOC Analyst or Incident Responder
Ability to work independently with minimal direction; self-starter/self-motivated
Must have one of the following certifications:
CompTIA Advanced Security Practitioner (CASP)
GCIH – Incident Handler
GCED – Enterprise Defender
GMON – Continuous Monitoring Certification
CISSP – Certified Information Systems Security
CEH – Certified Ethical HackerPay Range:Pay Range $94,250.00 - $145,000.00 - $195,750.00