Cyber Intrusion Analyst ( R-00074199 )
Leidos has a career opportunity for a Cyber Intrusion Analyst who will be a member of the Network Assurance (NA) Team (DISA GSM-O program) in Pearl Harbor, Hawaii.
Work closely with Government counterparts to provide guidance within the CND-SP area. Provide CND reports, trends, responses, mitigations, analysis & information dissemination. Provide C2 support, situational awareness support, and provide leadership & support for all CND applicable activities within Protect, Detect, Respond, and Sustain. Work as a technical leader within the CSSP Team, responsible for maintaining the integrity & security of enterprise-wide systems & networks. Provide technical leadership to CND Teams supporting security initiatives through predictive & reactive analysis, and by articulating emerging trends to leadership & staff.
•Maintain integrity and security of enterprise-wide cyber systems and networks.
•Coordinate resources during enterprise incident response efforts.
•Employ advanced forensic tools and techniques for attack reconstruction.
•Perform network traffic analysis utilizing raw packet data, net flow, IDS, IPS and custom sensor output, as it pertains to the cyber security of communications networks.
•Review threat data and develop custom signatures for Open Source IDS or other custom detection capabilities. Correlate actionable security events from various sources.
•Understand attack signatures, tactics, techniques and procedures associated with advanced threats.
•Develop analytical products fusing enterprise and all-source intelligence.
•May conduct malware analysis of attacker tools and reverse engineer attacker encoding protocols.
•Interface with Government counterparts, both CONUS & OCONUS, along with Leidos and sub team members.
•Monitor the implementation of IAVAs & de-conflict component & information specific IAVA guidance.
•Provide limited analysis of incidents for the customers by: determining the incidents nature and formulating responses; Identifying & providing the ability to surge during emergencies; correlating event & incident data; determining possible effects on the DISN, customer networks & other organizations.
•Review threat data from various sources & aid in the development of custom signatures for Open Source & COTs IDS.
•Install, configure & monitor CND security-relevant network components.
•Bachelor’s Degree and 2+ years of related experience; cybercourses/certifications or DISA customer experience may be substituted in lieu of degree.
•DoD-8570 IAT Level II baseline certification (Security+ CE or equivalent).
•Must possess a CSSP-Analyst certification within 180 days of your start date.
•Experience supporting and/or leading CND or related teams.
•Experience working CND duties (e.g., Protect, Defend, Respond, and Sustain).
•Experience working with DoD / Government Leaders at all levels.
•Must have an active DoD Top Secret security clearance to start on the program.
•IAM Level III Certification (GSLC, CISM, CISSP).
•At least one other IA certification completed, i.e., SSCP, CSIH, GCIA, GCIH or CEH.
•UNIX Administrative skills.
•Command Line Scripting skills (PERL, python, shell scripting) to automate analysis task.
•Knowledge of hacker tactics, techniques and procedures (TTP).
•Conduct malware analysis.
•Demonstrated hands on experience with various static and dynamic malware analysis tools.
•Knowledge of advanced threat actor tactics, techniques and procedures (TTP).
•Understanding of software exploits.
•Analyze packed and obfuscated code.
•Comprehensive understanding of common Windows APIs and ability.