Cyber Analyst Lead

Description

Job Description:

Leidos is seeking a mid-level analyst in support of the Enterprise Security Operation Center for the Department of Commerce. This individual will lead the Cyber Analytics team consisting of seven Tier 1 and Tier 2 analysts in support of 24/7 monitoring and triaging. This team will work closely with the Incident Response team, the engineering team, as well as the constituents across the Department. Specific responsibilities include:

Primary Responsibilities

The candidate will work to:

• Lead a team of up to 7 junior analysts performing defensive cybersecurity operations 24 hours a day, 7 days a week
• Ensure the effective performance against established operational rhythm, expectations and standards for Security Operations Center (SOC) analysts
• Provide hands-on technical support to subordinates during high-visibility cyber security incidents
• Identify areas of improvement for SOC processes and tools to enhance the mission
• Place an emphasis on the development of staff and cultivate career growth opportunities to ensure the long term success of the mission
• Correlate events throughout DOC Bureaus to provide an early warning capability and provide trending data that enable decision-makers to prioritize cyber mitigation efforts and investment strategies

• Integrate, correlate, and enrich disparate information sources to provide actionable intelligence and advice to network and system operators as well as to bureau and departmental management.
• Perform analysis on anomalous behavior based on log data from firewalls, packet capture, web proxy services, network flow analysis, intrusion detection, and malware analysis tools
• Facilitate prioritization and requirements gathering for content development or new technology implementation.

Basic Qualifications

To be successful in this role, you must have the following:

• Requires BS degree and 4-8 years of prior relevant experience in order to operate within the scope contemplated by the level; experience in lieu of degree may be acceptable.
• Prior experience performing as a SOC Detect and Response Analyst
• Prior experience in small team/group leadership
• Team player
• Strong analytical and troubleshooting skills
• Upbeat and positive attitude
• Excellent written and verbal communication skills

Preferred Qualifications

To further your success in this role, it helps to have:

• Prior experience leading a team within a SOC environment
• Working knowledge of Splunk Enterprise Security
• Technical understanding of core cybersecurity technologies as well as emerging capabilities.
• Hands-on cybersecurity experience.
• Demonstrated understanding of the life cycle of cybersecurity threats, attacks, attack vector, and methods of exploitation with an understanding of intrusion set tactics, techniques and procedures (TTPs).
• Familiarity or experience in Intelligence Driven Defense, Cyber Kill Chain methodology, and/or MITRE ATT&CK framework.
• Familiarity with Cloud concepts and experience performing monitoring and responding to threats in Cloud environments.
• Familiarity with the Department of Commerce mission.

Clearance Qualifications

• Must be a US Citizen.
• Must have an active Top Secret clearance

Pay Range: