Network Security Engineer

Description Job Description:The Global Solutions Management-Operations II (GSM-O II), a Defense Group of Leidos, has an opening for a Network Security Engineer supporting the Joint Communications Support Element (JCSE), MacDill AFB, FL. Responsibilities include:

• Provide system administrator (ex. Linux, Windows, Firewalls, Intrusion Prevention/Detection Systems, End Point Security ) support installing, operating, maintaining, troubleshooting, administrating, and cybersecurity hardening of operating systems on both the classified and unclassified systems (SIPR and NIPR).
• Utilize formal network security monitoring policies and procedures that include the appropriate use of DoD-approved IDPS tools that have automated alert capabilities enabled.
• Perform Detection (Monitoring and Analysis) activities on the JCSE using Intrusion Detection System/Intrusion Prevention System sensors (IDS/IPS).
• Follow documented procedures for characterizing anomalous events detected by sensors and other network monitoring systems.
• Review and analyze logs in a timely manner to detect intruders.
• Provide notice of suspicious/malicious network traffic or similar activities that suggest an impending or on-going attack
• Search for distributed, long-term, coordinated, low-visibility network based attacks to identify possible unauthorized activity utilizing exploratory problem-solving or self-learning techniques. Suspicious/significant activity will be shared among the CND/IA community.
• Report potential incidents and correlated information from these incidents/events that occur on sensors using documented procedures in accordance with DoD guidance.
• Document and escalate incidents

• BS degree and 4-8 years of prior relevant experience.
• CSSP Analyst (CEH, CFR, CCNA Cyber Ops, CCNA-Security, CySA+ , GCIA, GCIH, GICSP, Cloud+, SCYBER, PenTest+)
• DoD 8140 (Previously 8570), IAT Level II (SEC+ or equivalent) certification
• Must have a current DoD Secret clearance prior to start.

• Familiarity with Mitre ATT&CK, cyber kill chain, and models such as the Diamond model.
• Experience in DoDIN Whitelisting/Blacklisting and Global architecture and data flows to/from the Internet into AOs
• Understanding of DoD's boundaries plus DoD's ports, protocols, and services policy
• Familiar with RMF and DoD's Assessment and Accreditation process