Cybersecurity Analyst (R-00040097)
The Defense Group of Leidos has an opening for a Cybersecurity Analyst supporting the Global Information Grid (GIG) Service Management-Operations (GSM-O) contract at Ft. Meade, MD.
The Cybersecurity Analyst will work as part of a team in the JFHQ-DODIN Operations Center (JDOC). The analyst will be assigned to an element that will focus on a designated area of operation (AO) within the DOD.
In this role, you will obtain and maintain a working knowledge of the current status of Orders issued by JFHQ-DODIN and of subordinate organizations’ compliance with issued orders. You will also provide near-real-time situational monitoring of an aligned AO to achieve, sustain, and present a near-real-time situational understanding of the AO’s operational environment. This includes:
- tracking ongoing operations, the posture and disposition of friendly forces and adversary activity
- monitoring, consuming and analyzing operational, intelligence, and incident reporting
- monitoring and querying Security Information and Event Management (SIEM) tools (e.g., Splunk, ArcSight, McAfee Network Security Manager, etc.) for anomalous activity
- Collect, analyze and distribute Indicators of Compromise (IOC) in support of the development and implementation of DOD countermeasures
- Develop metrics to measure the effectiveness of practices and controls to mitigate threats and vulnerabilities; and develop dashboards that illustrate the effectiveness of risk mitigation over time.
- Coordinate DODIN Operations and Defensive Cyber Operations with DOD cyber components; obtain situation reports, incident response efforts, and obtain information for briefings, presentations, or other situational awareness products used to inform senior leadership
This is a shift-work position. You may be assigned to a day-shift, swing-shift (afternoon), or mid-shift (overnight) which will potentially include weekends and/or holidays.
• Active TS/SCI security clearance
• Bachelor's degree in a relevant technical discipline + 4 years of related experience. Additional related experience may be substituted in lieu of a degree.
• Experience with Microsoft Office (Outlook, Word, Excel, and PowerPoint) and SharePoint
• Knowledge of Windows and/or Unix operating systems
• Knowledge of LAN/WAN design and general internetworking technologies
• Knowledge of security principles, approaches, and technologies (Defense-in-Depth)
• Knowledge of IT security architecture and design (firewalls, IDS/IPS, VPN, Endpoint protection)
• Experience briefing Senior Leaders
• SIEM Tool Experience
• Knowledge of the DoD Information Assurance Vulnerability Management (IAVM) process
• Knowledge of DOD Cyberspace Operations (JP 3-12)
• Knowledge of the DoD orders process
• Knowledge of DOD’s Cyber Incident Handling Program (CJCSM 6510.01B)
• Knowledge of DODIN Transport (DODI 8010.01)
• Knowledge of Cybersecurity Activities Support to DODIN Operations (DODI 8530.01)
• Familiarity with Joint Reporting Structure guidance (CJCSM 3150.05D, CJCSM 3150.07E)
• Familiarity with conducting risk assessments (NIST SP 800-30 Rev 1, Guide for Conducting Risk Assessments; DODIN Risk Assessment Methodology)
• Familiarity with enhancing trust in email (NIST SP 800-177, Trustworthy Email guidance)
• Working knowledge of DOD Security Technical Implementation Guide (STIG) Viewer
• Working knowledge of Packet Capture (PCAP) and analysis (Noesis, Wireshark)
• Working knowledge of DOD Boundary and SIEM Tools (DISA Enterprise Collaborative Operational Sensor suite JRSS, etc.)
• DoD 8750 certification at IAT level II or higher; Security+ce.
External Referral Bonus: Eligible
Potential for Telework: No
Clearance Level Required: Top Secret/SCI
Travel: No
Scheduled Weekly Hours: 40
Shift: Day
Requisition Category: Professional
Job Family: Cyber Operations