03 Sep
SOC/CSIRC Analyst (Tier 1) Team Lead
Arizona, Chandler , 85225 Chandler USA

Vacancy expired!

Description Job Description:Do you want to grow your career and be part of a team solving critical challenges that affect the world? Then Leidos is the place for you!The Department of Homeland Security (DHS), Immigration and Customs Enforcement (ICE) Security Operations Center (SOC) is a US Government program responsible to prevent, identify, contain and eradicate cyber threats to ICE networks through monitoring, intrusion detection and protective security services to ICE information systems including local area networks/wide area networks (LAN/WAN), commercial Internet connection, public facing websites, wireless, mobile/cellular, cloud, security devices, servers and workstations. The Incident Responder will perform the following:

  • Act as liaison between Cyber Defense Forensics Government and contract staff
  • Oversee team of Cyber Defense Forensics/Insider Threat contract personnel
  • Oversee the assignment of casework to Team contractors based on priorities and provide investigative direction and peer reviews
  • Assist with development, implementation, and operation of CDF to include but not limited to review of OPs, policies, and procedures
  • Evaluate existing SOPs, processes, and procedures for constraints and inefficiencies, and create and implement enhancements and improvements
  • Track and report team performance, status, progress, and issues/blockers to stakeholders
  • Collaborate and coordinate with internal and external entities
  • Conduct forensic investigations to include acquisition of digital and physical evidence in accordance with sound forensic procedures and best practices
The ideal candidate will possess:
  • In-depth knowledge of each phase of the Incident Response life cycle
  • Expertise of Operating Systems (Windows/Linux) operations and artifacts
  • Understanding of Enterprise Network Architectures to include routing/switching, common protocols (DHCP, DNS, HTTP, etc), and devices (Firewalls, Proxies, Load Balancers, VPN, etc)
  • Ability to recognize suspicious activity/events, common attacker TTPs, and perform logical analysis and research to determine root cause and scope of Incidents
  • Be familiar with Cyber Kill Chain and have utilized the ATT&CK Framework
  • Have scripting experience with Python, PowerShell, and/or Bash
  • Ability to independently prioritize and complete multiple tasks with little to no supervision
  • Flexible and adaptable self-starter with strong relationship-building skills
  • Strong problem solving abilities with an analytic and qualitative eye for reasoning
Basic Qualifications
  • Bachelor's Degree AND 8 years of relevant experience
  • Five (5) or more years of project management experience
  • Experience in security operations as identified in section 6.2
  • Experience in handling incident response
  • (ISC)2 Certified Information Systems Security Professional (CISSP) or Project Management Professional (PMP)
  • Secret Clearance (active)
  • Top Secret, SCI Clearance (eligible)
  • Shall have substantial security experience
  • Any 1 of: CASP, CCSP, SSCP, GMON, GCIH, GCIA, GECD AND any from the CSSP Analyst, Infrastructure Support, or IR from the DOD 8570 list
  • 6 years of equivalent experience will be considered in lieu of one certification
Preferred Qualifications
  • Existing DHS EOD, active Secret clearance, or active Top Secret clearance
  • Recent security operations (SOC) experience.
  • Experience with Agile methods
External Referral Bonus:EligibleExternal Referral Bonus $:5000Potential for Telework:NoClearance Level Required:SecretTravel:NoScheduled Weekly Hours:40Shift:DayRequisition Category:ProfessionalJob Family:Cyber OperationsPay Range:

Vacancy expired!


Related jobs

Report job