Leidos is seeking a Cyber Security Analyst who is dedicated to increasing their experience and knowledge in Cyber Security to join a close-knit, developing team of Cyber Security professionals. Our ideal candidate will have a strong drive to apply and continually update their skill base. They will also have the skills to manage and aid in the rollout of a SIEM and other tools for incident investigation, containment, and remediation efforts.
Responsibilities may include:
• Responding to security events and security alerts
• Investigating security incidents and aiding in the incident response process
• Developing detailed reports on security investigations
• Managing and improving the SIEM and Incident Response platforms
• Making improvements and suggestions to advance the overall security processes in place
• Offering remediation and mitigation solutions based on vulnerability discoveries
• Managing internal policies and procedures
Qualifications may include:
• Experience analyzing log files and correlating security-related events
• An understanding of common security controls (Firewall, IDS/IPS, Antivirus, etc.)
• Familiarity with Windows and Linux operating systems and their command lines
• A foundational understanding of computer networking and the TCP/IP model, along with common ports and protocols
• Good problem solving and analytical skills
• Strong communication skills
• An understanding of exploits, common vulnerabilities, common network intrusion methods, and various attack patterns and tactics
• Experience working in an enterprise SIEM and with cyber case management tools
• Background in managing and using different security controls (Firewalls, IDS/HIDS, Antivirus, etc.)
• Background in digital forensics for security investigations and data retention
• Background in data analysis for security incidents
• Experience with reverse engineering
• Relevant certifications might include: Associate of (ISC)² (toward CISSP), GIAC Security Essentials (GSEC), CompTIA Security+, Check Point Certified Security Principles Associate (CCSPA), Cisco Certified Network Associate (CCNA), Red Hat Certified System Administrator (RHCSA), and Microsoft Certified Systems Engineer (MCSE).
* Position requires shift work as part of a 24/7 operations center.
* Familiarity with the following tools for security operations is desired: ServiceNow, Splunk, VMware, Sourcefire, Symantec Endpoint Protection, BigFix, McAfee Vulnerability Manager, Palo Alto Networks Panorama, and SolarWinds.