Cybersecurity Controls and Configuration Team Lead
The Leidos Cybersecurity Capabilities Organization has an immediate opening for an experienced and motivated Cybersecurity Controls and Configuration Team Lead.
The Security Controls and Configuration (SCC) Team works with the Leidos Cybersecurity Intelligence and Response Center (CSIRC) and Security Engineering and Architecture (SAE) organizations to configure, maintain, and manage technical controls for Leidos enterprise security assets. These include the vendor configurations for Network and Host IDS, and our developed baseline for our custom IDS sensor. The role focuses on codifying our robust security policies, resolving change requests by assessing impact, and automating procedures wherever possible. You will be expected to "think like an adversary" and provide analyst-centric input into every phase of the remediation process. This includes a comprehensive understanding of Leidos' corporate policies, common information security frameworks, and security best practices.

Physical locations include Gaithersburg, MD, Reston, VA, and Orlando, FL.

PRIMARY RESPONSIBILITIES
• Act as a technical SME for the Cyber Security Capabilities team responsible for the technical security policies that defend the global Leidos network.
• Work closely with the CSIRC and respond to Intrusion Response activity with appropriate security countermeasures.
• Work closely with ITS to ensure technical security policy balances security best practices and corporate usability.
• Work closely with SAE to resolve NIDS/HIDS vendor bugs and engineering capability gaps.
• Support the development of a codified, robust baseline for all security policies across all platforms, and a streamlined approach to change management.
• Be a SME in the vendor and open source capabilities available to stay ahead of the threats.
• Collaborate using information and knowledge sharing networks and professional relationships to achieve common goals.
• Be a Cyber Operations leader, and provide mentorship for less experienced team members.
• Manage and maintain Security Controls and Configuration (SCC) team level tasking; reporting status, risks, and areas for improvement on a consistent basis.
• Manage and participate in an on-call rotation.

• Bachelor's degree and 12+ years of relevant experience.
• Hands-on experience with popular NIDS and firewall remediation technologies, syntax, and CM control (Palo Alto, Juniper, FireEye, WildFire, etc.)
• Hands-on experience with popular HIDS remediation technologies, syntax, and CM control (Symantec, McAfee, Tanium, Cylance, etc.)
• Demonstrated experience as a technical team lead.
• Ability to write and verbally communicate information security and risk-related concepts effectively to both technical and non-technical audiences is essential.
• Must have strong problem-solving and analytical skills and demonstrate poise and ability to act calmly and competently in high-pressure, high-stress situations.
• Strong understanding of Operating Systems and Network Protocols.
• Ability to create, modify, and implement countermeasures within common COTS and FOSS tools in order to gauge their effectiveness.

PREFERRED QUALIFICATIONS
• Understanding of behavioral based threat models, including ATT&CK, Cyber Kill Chain, Diamond Model, etc.
• Foundational understanding of the Linux operating system.
• Hands-on experience with popular open source IDS technologies, syntax, and CM control (Snort, Bro, Suricata, etc.)
• Proficiency with Microsoft Windows administrative tools, and the Unix/Linux command line.
• Demonstrated experience performing cybersecurity analysis from an operator's point of view.
• Active DoD Secret or higher clearance.
• Demonstrated knowledge of common information security management frameworks such as ISO/IEC 27001, ITIL, COBIT and NIST and an understanding of relevant legal and regulatory requirements such as Health Insurance Portability and Accountability Act (HIPAA) and Payment Card Industry/Data Security Standard.
• Familiarity with common scripting languages (like Perl and Python) to parse logs, automate processes, etc.
Leidos is a global science and technology solutions leader working to solve the world's toughest challenges in the defense, intelligence, homeland security, civil, and health markets. The company's 33,000 employees support vital missions for government and commercial customers. Headquartered in Reston, Virginia, Leidos reported pro forma annual revenues of approximately $10 billion for the fiscal year ended January 1, 2016 after giving effect to the recently completed combination of Leidos with Lockheed Martin's Information Systems & Global Solutions business (IS&GS). For more information, visit www.Leidos.com. The company's diverse employees support vital missions for government and commercial customers.

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status. Leidos will consider qualified applicants with criminal histories for employment in accordance with relevant laws. Leidos is an equal opportunity employer/disability/vet.