Cyber Fusion and Threats Team Lead

Description

Leidos has a current job opportunity for a Cyber Fusion and Threats Team Lead located at Joint Base Pearl Harbor Hickam (JBPHH), Hawaii.

POSITION SUMMARY:
•Lead a team of up to 5-7 employees /subcontractors performing cyber threat intelligence analysis, actionable security events correlation, and network traffic analysis using raw packet data, netflow, IDS, IPS and custom sensor output as it pertains to the cyber security of communications networks.
•Engage with Senior Level Management to assist with project tracking and scope development.

PRIMARY RESPONSIBILITIES:
•Maintain situational awareness of cyber activity by reviewing Department of Defense (DoD), Intelligence Community and open source reporting for new vulnerabilities, malware or other threats that have the potential to impact the DOD Information Network (DODIN).
•Track relevant advanced persistent threat (APT) tactics, techniques, and procedures (TTPs) to the U.S Indo-Pacific area of responsibility and the DOD.
•Identification of APT infrastructure and malware in support of Defensive Cyber Operations-Internal Defensive Measure (DCO-IDM) to proactively mitigate threats to the DODIN.
•Conduct network forensics for malicious network activity.
•Synthesize, summarize, consolidate and share potentially malicious activities on the DoDIN with DISA and mission partner organizations by various types of cyber threat situational awareness products.
•Assist in providing threat and vulnerability analysis as well as security advisory services and recommendations.
•Create and modify signatures and custom alerting logic based on adversary activity, vulnerabilities, and internal analysis.
•Recommend active mitigations to prevent and/or contain nefarious activity.

BASIC QUALIFICATIONS:
•Bachelor's degree with 8 years of professional experience; related DISA experience and cyber courses/certification is accepted in lieu of a degree.
•Must have DoD-8570 IAT Level 2 baseline certification (Security+ CE or higher) at start date and be able to obtain CSSP-A certification within 180 days of start date.
•Proficient understanding of Cyber Network Defense (CND) in regards to identify, protect, detect, respond and recover within a Computer Incident Response organization.
•Excellent verbal and written communication skills including the ability to clearly articulate technical and strategic level cyber matters to a variety of audiences.
•Highly developed research and analytical skills to pinpoint statistically significant patterns related to cyber threats.
•Experience in intelligence driven defense and/or Cyber Kill Chain (CKC) methodology; knowledge of Advanced Persistent Threat (APT) and other cyber threat modeling frame works.
•Understanding of TCP/IP, common networking ports and protocols, traffic flow, system administration, OSI model, defense-in-depth.
•Must have an active Top Secret/SCI clearance.

PREFERRED QUALIFICATIONS:
•Knowledgeable in Cloud security/defense.
•Experience with DISA and DoD Networks.
•Working knowledge of cyber operational security, log analysis, netflow analysis, incident response, malware analysis, computer forensics, and/or cyber-crime.
•Advanced Certifications such as SANS GIAC/GCIA/GCIH, CISSP or CASP.
•Working knowledge and proficiency utilizing Wireshark and Splunk analysis tools.
•Working knowledge of the U.S. Intelligence Community, SLTT governments, and/or fusion centers.
•Train and mentor other team members.

Pay Range:

The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.