Description

The Leidos Digital Modernization sector is continuously looking for Defensive Cyber Operations Analysts interested in joining the GSMO effort in Washington, DC. We hire for these roles on an ongoing basis and our recruiting team will contact applicants as positions become available.

Our team supports our customer's mission to protect federal networked systems and services from cyber threats, as a 24x7, mission critical operation. This is a hybrid position working a (4x10) or (5x8) static schedule with the potential for 20-25% remote work. Shifts include Days, Swings and Mids. Shift availability will vary based on program needs and manning levels. Requested shift assignments are considered but not guaranteed. Shifts are based on both preference and contract requirements. Applicants must remain flexible to potential shift modifications in order to assist in meeting minimum staffing requirements. All new hires' initial 4-6 weeks will be spent on weekday Day Shift to complete onboarding, training and familiarization.

• Perform computer network incident detection, and response activities to detect, correlate, identify and characterize anomalous activity that may be indicative of threats to the enterprise.
• Monitor various security tools and applications for possible malicious activities, investigate any associated alerts or indicators, and develop recommendations for a course of action, including mitigation strategies as necessary.
• Follow Standard Operating Procedures and perform duties with strong attention to detail, ensuring that all system checks are performed in a timely manner and all documentation is complete and accurate.
• Work to influence project/team leads regarding solution design, process and/or approaches.
• Review investigations, reports and communications of juniors and peers to ensure accuracy and clarity of communications.
• Develop and conduct briefings to senior management.
• Requires good technical writing skills as each event, including the associated analysis, are documented in a ticketing system for review and action.
• Requires excellent communication skills as we are collocated with our customer and regular face-to-face interaction is necessary throughout the day, as well as significant coordination and communication between team members.

• Active DoD TS/SCI security clearance.
• Ability to pass Yankee White clearance process prior to start.
• Bachelor's Degree and 3+ years of experience; additional years of experience may be considered in lieu of degree.
• Current DoD 8570 IAT Level II Certification (e.g. Sec+ CE) or higher at time of start
• Current DoD 8570 CSSP Analyst Certification (e.g. CEH), or ability to obtain one within 180 days of starting.
• Current DoD 8570 CSSP Infrastructure Support Certification (e.g. CEH, CySA+, SSCP), or ability to obtain one within 180 days of starting.
• Strong computing system knowledge, particularly networking, including a knowledge of communication protocols and familiarity with common computing security elements such as IDS/IPS systems and firewalls.
• Experience evaluating packet captures.

• Prior CND and/or SOC experience.
• Familiarity with computing security frameworks such as cyber kill chain and att&ck.
• Monitoring of intrusion detection and computer defense appliances and applications, and analysis of associated alerts.
• Documenting analysis and providing response recommendations.