Defensive Cyber Operations Analyst - Active TS/SCI Required ( R-00072186 )
Leidos is hiring a Defensive Cyber Operations Analyst - active TS/SCI Required! All work will be performed onsite in Suitland, MD at the National Maritime Intelligence Center.
The Hopper Information Services Center (ISC) is an IT service provider for the Office of Naval Intelligence (ONI) and for 70+ Navy Intelligence Community (IC) ashore organizations across the globe with mission to deploy and operate classified information systems, networks, communications systems, and cybersecurity capabilities. Within Hopper ISC, the Cybersecurity Department is comprised of four divisions (Defensive Cybersecurity Operations, Cybersecurity Mission Operations, Assessment & Validation , and Cybersecurity Engineering), and these divisions collectively secure, protect, assess, and monitor fielded Information Technology (IT) capabilities against a full range of internal and external threats.
Candidate will provide operations, engineering, technical and program management support services and associated supplies to support the cyber related requirements and operations and will routinely work independently to achieve critical mission objectives necessary to continue smooth operations for Hopper, and other internal and external agencies. Routinely will collaborate with different internal and external customers and other experts to develop technical solutions to problems that are complex and not always immediately identifiable in order to timely meet mission objectives.
The Defensive Cyber Operations Division (DCO) enables ONI Information Dominance and decision superiority by providing proactive and real-time protection, monitoring, detection, analysis, reporting, response, recovery and lessons learned for cybersecurity events that pose a threat to ONI’s information and information systems. DCO has hands-on ownership of cybersecurity defensive capabilities that protect ONI enterprise infrastructure.
- Perform system administration of DCO tools; specifically install, operate, configure, upgrade, and maintain the entire suite of cybersecurity hardware and software systems in place or otherwise acquired to support the DCO mission. This includes system administration of cybersecurity tools as those recommended by DISA in the Network Infrastructure Policy STIG and includes systems administration at both the operating system level and application level. Maintenance will include daily operations, configuration modifications, upgrades, patches, and new versions.
- Develop and maintain DCO monitoring functions using tools like Splunk, sensor architectures based on a wide variety of IP-Based sensor technologies and maintain access to cybersecurity Intelligence applications, and technical capabilities to include, but not limited to Splunk, Incident Response portals, network and host based IPS/IDS, web and email content filtering, digital forensics, and malware analysis technology.
- Provide cybersecurity service provider support for an unclassified system/network that supports various ONI missions
- Provide technical guidance for effective and efficient response to cyber incidents, and propose strategies to prevent incidents from occurring or escalating as well as recommend improvements to cyber defense activities (i.e. monitoring, detection, analysis, response and coordination).
- Develop and maintain documentation for each individual project and system to include: Requirements and Design Documents, Implementation Plans, Concept of Operations (CONOPS), Risk Management Framework Documentation, System / Network Diagrams, Work Breakdown Structure Project Schedule, Installation & Configuration Guides, Operations & Maintenance Guides and Analyst Operations Guides
Active TS/SCI Clearance
BA/BS in CS, IT, IA or related field and 5+ years of CND experience OR 8 + yrs of relevant CND experience in lieu of degree
Must adhere to the DOD Information Assurance Workforce Improvement Program requirements, DOD 8570.01-M
Active Security+ CE or equivalent
2+ years experience in interpretation and implementation of the following policy documents: DoD Directive 8530.02M, CJCS Instruction 6510.01F and CJCS Manual (CJCSM) 6510.018.
3+ years experience in design, development, integration, implementation, operation, and analysis of cyber security technologies used in the DoD and IC, as well as knowledge of federal cyber security initiatives.
Knowledge of intelligence gathering, analysis and dissemination techniques specifically in the area of cyber security.Pay Range: