Skip to main contentA logo with &quat;the muse&quat; in dark blue text.

​​Network and Security Operations Center (NSOC) Incident Response Lead​

AT Leidos
Leidos

​​Network and Security Operations Center (NSOC) Incident Response Lead​

Newport News, VA

Description

Leidos is seeking an experienced Incident Response (IR) Lead to support a highly visible NSOC position. Reporting to the Leidos NSOC Lead, the NSOC Response Lead is responsible to independently lead teams of operators through the incident response lifecycle.

The position may require occasional short-term travel to CONUS and OCONUS sites. This position may require an infrequent shift in workday schedule to support exercises occurring over weekends.

Primary Responsibilities

  • Assesses, categorizes, recommends prioritization, develops, reports on, guides, and assumes responsibility for cyber-IR actions in accordance with NIST SP 800-61 Rev. 2.
  • Leads the IR team.
  • Conducts in-depth analysis on hosts and networks, forensic analysis, log analysis, and triage in support of IR.
  • Develops and builds security content, scripts, tools, or methods to enhance the incident investigation processes.
  • Recognize attacker and APT activity, tactics, and procedures as indicators of compromise (IOCs) that can be used to improve monitoring, analysis, and incident response processes.
  • Utilizes technologies such as host forensics tools, Endpoint Detection & Response tools, log analysis and full packet capture to perform hunt and investigative activity to examine endpoint and network-based data.
  • Populates dashboards with key metrics and processes and deliver technical presentations to various levels of customer leadership. Compiles and presents reports to senior leaders.
  • Works with stakeholders to implement remediation plans in response to incidents.
  • Ensures that the IR team has necessary personnel, resources, and skills.
  • Develops artifacts supporting Information Assurance and Risk Management Framework (RMF) processes.

Want more jobs like this?

Get jobs in Newport News, VA delivered to your inbox every week.

By signing up, you agree to our Terms of Service & Privacy Policy.

Basic Qualifications

  • Masters degree in Computer Science, MIS, or related technical field with at least 10 years of experience be in the areas of incident detection and response, remediation, malware analysis, or computer forensics (overall of 15 - 20 years of related experience is required). Additional years of relevant experience will be considered in lieu of degree.
  • Top Secret clearance with ability to obtain and maintain TS/SCI.
  • Strong problem-solving abilities using analytic and qualitative reasoning.
  • Ability to independently prioritize and complete multiple tasks with little to no supervision.
  • Ability to accurately capture and document technical remediation details, and ability to brief stakeholders on incident statuses.
  • Effective communication with customer leadership to disseminate timely updates of critical incidents with an emphasis on attention to detail and accurate reporting.
  • Experience organizing, directing, and managing operation support functions involving multiple, complex, and interrelated project tasks.
  • Advanced knowledge of the Incident Response Lifecycle and applicability to various types of incidents.
  • Ability to collaborate with technical staff and customers to identify, assess, and resolve complex security problems, issues, and risks to facilitate resolution and risk mitigation.
  • Experience creating processes, playbooks, and SOPs for tools and workflows. Relevant experience should be in the areas of incident detection and response, malware analysis, or computer forensics.
  • Ability to script in one more of the following computer languages Python, Bash, Visual Basic or PowerShell.
  • Experience running cyber incident investigations with emphasis on attention to detail and adherence to defined escalation paths.
  • At least one current DoD 8140 certification

Preferred Qualifications

  • Experience with virtualized environments (VMware, Red Hat).
  • Experience working with cloud computing and infrastructure security (AWS, Azure, etc.) to IL6
  • Experience as a member of agile programs
  • Experience in Federal Government, DOD or Law Enforcement in CND, CIRT or SOC role
  • Knowledge of the Cyber Kill Chain and the MITRE ATT&CK framework
  • Knowledge of Structured Analytic Techniques

Original Posting Date:

2024-12-06
While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.

Pay Range:

Pay Range $131,300.00 - $237,350.00

The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.

Client-provided location(s): Hampton, VA, USA
Job ID: Leidos-R-00149446
Employment Type: Full Time

Perks and Benefits

  • Health and Wellness

    • Health Insurance
    • Health Reimbursement Account
    • Dental Insurance
    • Vision Insurance
    • Life Insurance
    • Short-Term Disability
    • Long-Term Disability
    • FSA
    • HSA
    • Pet Insurance
    • Mental Health Benefits
  • Parental Benefits

    • Birth Parent or Maternity Leave
    • Fertility Benefits
    • Adoption Assistance Program
    • Family Support Resources
  • Work Flexibility

    • Flexible Work Hours
    • Remote Work Opportunities
    • Hybrid Work Opportunities
  • Office Life and Perks

    • Company Outings
    • On-Site Cafeteria
    • Holiday Events
  • Vacation and Time Off

    • Paid Vacation
    • Paid Holidays
    • Personal/Sick Days
    • Volunteer Time Off
  • Financial and Retirement

    • 401(K) With Company Matching
    • Stock Purchase Program
    • Performance Bonus
    • Relocation Assistance
    • Financial Counseling
    • Profit Sharing
  • Professional Development

    • Tuition Reimbursement
    • Promote From Within
    • Mentor Program
    • Access to Online Courses
    • Lunch and Learns
    • Internship Program
    • Leadership Training Program