Insider Threat Analyst
Department of Homeland Security (DHS), Security Operations Center (SOC) Support Services is a US Government program responsible to monitor, detect, analyze, mitigate, and respond to cyber threats and adversarial activity on the DHS Enterprise. The DHS SOC has primary responsibility for monitoring and responding to security events and incidents detected at the Trusted Internet Connection (TIC) and Policy Enforcement Point (PEP) and is responsible for directing and coordinating detection and response activities performed by each Component SOC. Direction and coordination are achieved through a new shared DHS incident tracking system and other means of coordination and communication.
The ideal candidate will have an advanced understanding of multiple Operating Systems, monitoring and detection techniques and methods, and Incident Response Lifecycle. The candidate must be familiar with the operation of common protocols, network intrusion detection systems, and endpoint detection and response tools. Experience using PowerShell, Python, or Bash to automate common tasks is highly preferred.
Duties and Responsibilities:
Conduct investigations by analyzing and verifying information utilizing log analysis, digital evidence collection and forensic procedures.
Use Network and Host based tools to monitor and detect potential threats and unauthorized activity across Windows, Unix, Cloud, and Mobile devices.
Perform forensic and memory analysis on Windows, Unix, Mobile, and Cloud devices and infrastructure.
Develop and update security content such as IDS signatures. SIEM queries, alerts, and dashboards, Standard Operating Procedures, and other detection and mitigation measures.
Identify network visibility and technology gaps to make recommendations to improve the organizations overall security posture.
Automate procedures and develop code to eliminate repetitive manual tasks.
Collaborate and coordinate with other entities within and outside the SOC.
Protect yourself and your family, with the benefits of working for a world-class employer. When you join Leidos, you join a Fortune 500 company and one of Ethisphere Institute’s “World's Most Ethical Companies”
EDUCATION & EXPERIENCE:
Bachelors’ degree in Computer Science, Engineering, Information Technology, Cyber Security, or related field and 8 of professional experience in incident detection and response, malware analysis, or cyber forensics or a Masters Degree with 6 years of experience.
This position requires a current Top Secret Clearance. In addition to specific clearance requirements all Department of Homeland Security CBP SOC employees are required to have or be able to favorably pass a 5 year (BI) Background Investigation.
Between 1-2 years of experience in two or more of these specialized areas:
Digital media forensic
Monitoring and detection
Security+ Certification or equivalent in industry certification, background and knowledge.
SANS GCIH, GCFE, GCFA, GCIA, or GMON certifications highly preferred.
Experience analyzing and synthesizing information with other relevant data sources, evaluating, interpreting, and integrating all sources of information, and fusing computer network attack analyses with counterintelligence and law enforcement investigations.Pay Range:Pay Range $94,250.00 - $145,000.00 - $195,750.00
The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.