• Leidos
  • $103,590.00 - 145,350.00/year*
  • Frankford, DE
  • Information Technology
  • Full-Time
  • 30349 Gum Rd



Description

Job Requisition: Cybersecurity Analyst

Job Description:

Leidos has a current job opportunity for a Cyber Security Analyst to become a member of the Network Assurance Team on the DISA GSM-O program supporting DISA Europe in Stuttgart, Germany.

POSITION SUMMARY:

Perform cyber threat intelligence analysis, correlate actionable security events, conduct network traffic analysis using raw packet data, netflow, IDS, IPS and custom sensor output as it pertains to the cyber security of communications networks. The Cyber Security Analyst will also participate in the coordination of resources during incident response efforts.

PRIMARY RESPONSIBILITIES:

Triage and analyze alerts from sensors across monitored networks.

Conduct network forensics for malicious network activity.

Provide incident and situational awareness reporting to subscribers of DISA cyber security services.

Create and modify signatures and custom alerting logic based on adversary activity, vulnerabilities, and internal analysis.

Implement active mitigations to prevent and/or contain nefarious activity.

BASIC QUALIFICATIONS:

BS degree and 4+ years of prior relevant experience; additional experience may be substituted in lieu of a degree.

Hold DoD-8570 IAT Level 2 baseline certification (Security+ CE or equivalent) at start date.

Demonstrated understanding of TCP/IP, common networking ports and protocols, traffic flow, system administration, OSI model, defense-in-depth and common security elements.

Demonstrated commitment to training, self-study and maintaining proficiency in the technical cyber security domain.

Demonstrated hands-on experience analyzing high volumes of logs, network data (e.g. Netflow, FPC), and other attack artifacts in support of incident investigations.

Experience and proficiency with any of the following: Anti-Virus, HIPS, ID/PS, Full Packet Capture, Host-Based Forensics, Network Forensics.

Must have an active Top Secret clearance.

PREFERRED QUALIFICATIONS:

Advanced understanding of TCP/IP, common networking ports and protocols, traffic flow, system administration, OSI model, defense-in-depth and common security elements.

In-depth knowledge of architecture, engineering, and operations of at least one enterprise SIEM platform (e.g. Nitro/McAfee Enterprise Security Manager, ArcSight, QRadar, LogLogic, Splunk).

Experience with malware analysis concepts and methods.

Experience developing and deploying signatures (e.g. YARA, Snort, Suricata, HIPS).

Understanding of Linux and basic Linux commands.

Understanding of mobile technology and OS (i.e. Android, iOS, Windows).

Familiarity or experience in Lockheed Martin's Intelligence Driven Defense and/or Cyber Kill Chain methodology.

Advanced certifications such as SANS GIAC/GCIA/GCIH, CISSP or CASP and/or SIEM-specific training and certification.

GSMO

External Referral Eligible

External Referral Bonus: Eligible

Potential for Telework: No

Clearance Level Required: Top Secret

Travel: Yes, 10% of the time

Scheduled Weekly Hours: 40

Shift: Day

Requisition Category: Professional

Job Family: Cyber Security





Defense
- provided by Dice

* The salary listed in the header is an estimate based on salary data for similar jobs in the same area. Salary or compensation data found in the job description is accurate.

