Cyber Analyst Lead
Job Description:
Leidos is seeking a mid-level analyst in support of the Enterprise Security Operations Center for the Department of Commerce. This individual will lead the Cyber Analytics team, consisting of seven Tier 1 and Tier 2 analysts, in support of 24/7 monitoring and triage. This team will work closely with the Incident Response team, the engineering team, and constituents across the Department. Specific responsibilities include:
Primary Responsibilities
The candidate will work to:
- Lead a team of up to 7 junior analysts performing defensive cybersecurity operations 24 hours a day, 7 days a week
- Ensure the effective performance against established operational rhythm, expectations and standards for Security Operations Center (SOC) analysts
- Provide hands-on technical support to subordinates during high-visibility cyber security incidents
- Identify areas of improvement for SOC processes and tools to enhance the mission
- Place an emphasis on the development of staff and cultivate career growth opportunities to ensure the long-term success of the mission
- Correlate events throughout DOC Bureaus to provide an early warning capability and trending data that enable decision-makers to prioritize cyber mitigation efforts and investment strategies
- Integrate, correlate, and enrich disparate information sources to provide actionable intelligence and advice to network and system operators as well as to bureau and departmental management
- Perform analysis of anomalous behavior based on log data from firewalls, packet capture, web proxy services, network flow analysis, intrusion detection, and malware analysis tools
- Facilitate prioritization and requirements gathering for content development or new technology implementation
Basic Qualifications
To be successful in this role, you must have the following:
- BS degree and 4-8 years of prior relevant experience in order to operate within the scope contemplated by the level; experience in lieu of a degree may be acceptable
- Prior experience performing as a SOC Detect and Response Analyst
- Prior experience in small team/group leadership
- Team player
- Strong analytical and troubleshooting skills
- Upbeat and positive attitude
- Excellent written and verbal communication skills
Preferred Qualifications
To further your success in this role, it helps to have:
- Prior experience leading a team within a SOC environment
- Working knowledge of Splunk Enterprise Security
- Technical understanding of core cybersecurity technologies as well as emerging capabilities
- Hands-on cybersecurity experience
- Demonstrated understanding of the life cycle of cybersecurity threats, attacks, attack vectors, and methods of exploitation, with an understanding of intrusion set tactics, techniques, and procedures (TTPs)
- Familiarity or experience with Intelligence Driven Defense, Cyber Kill Chain methodology, and/or the MITRE ATT&CK framework
- Familiarity with cloud concepts and experience monitoring and responding to threats in cloud environments
- Familiarity with the Department of Commerce mission
Clearance Qualifications
- Must be a US Citizen
- Must have an active Top Secret clearance