Cyber Security/System Health Monitoring Tool Integration SME

Description

We have an immediate need for a Cyber Security / System Health Monitoring Tool Integration SME. In this role, you will be responsible for implementing and maintaining cyber security and system health monitoring devices for the customer’s information systems and networks protecting them from potential cyber-attacks. The Cyber Security Integrator must display an excellent understanding of technology and utilization of Firewalls (Security Groups), VPNs, Data Loss Prevention (DPS), IDS/IPS, Web-Proxy, Security Vulnerability, auditing and system health tools

Primary Responsibilities:

• Work directly with Team leads, developers and operations personnel throughout a DevSecOps life cycle both on policy and technical implementation of technologies.

• Plan, implement, manage, monitor, and upgrade security measures and tools for the protections of information systems and networks and automate repeatable tasks in a consultative role (including mitigation of security scan findings)

• Design, configure, implement, troubleshoot, and maintain all security and health monitoring platforms and their associated software, such as firewalls (Security Groups), intrusion detection/intrusion prevention, anti-virus/malware (HBSS), SIEM (Splunk), Solarwinds, Nagios, native cloud services and MDM

• Formulate systems and methodologies as well as respond to security related events and assist in remediation efforts of cyber security incidents (system and/or network breaches, malware attacks)

• Participate in the change management process

• Generate Splunk dashboards to display Cyber Security and System health status alerts.

• Coordinate, and monitor log analysis for our managed security services offerings, to ensure customer policy and security requirements are met

Basic Qualifications:

• Must have a MS degree and 15+ years of prior relevant experience

• Experience with at least two of the following tools: Splunk, HBSS/McAfee, Rapid7, Nagios, SolarWinds, CISCO IDS/IPS

• Knowledge of networking protocols, such as TCP/IP, LAN/WAN concepts

• Experience with maintaining systems on Linux and Windows platforms

• Experience with automation (e.g., Ansible, CloudFormation)

• Strong attention to detail with analytical mind outstanding problem-solving skills

• Experience with Agile Software Development

**Due to the nature of the government contracts we support, US Citizenship is required.**

** Candidate must have an active TS/SCI with polygraph.

Preferred Qualifications:

• Experience with additional security tools and processes such as IDS/IPS, VPN, Webinspect, Appdetective

• Experience with implementing and managing Network and Application Firewalls\

• Experience with incident detection, incident response and forensics activities

• Experience with scripting languages (Python, Power Shell)

• Experience with Cloud Computing Technologies/Amazon Web Services (AWS)

• AWS Certification

• Experience maintaining virtual private networks, firewalls, web protocols

• Experience with SAFe Agile Framework

• Knowledge of potential attack vectors such as XSS, injection, hijacking and social engineering

Original Posting Date:

While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.

Pay Range:

The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.