Cyber Network Defense Analyst

Description Job Description: The Enterprise and Cyber Solutions Operation at Leidos currently has an opening for a Cyber Network Defense Analyst to work at the White House Communications Agency (WHCA) on Joint Base Anacostia-Bolling. Our team supports our customer's mission to protect the Presidential Information Technology Community networked systems and services from cyber threats, as a 24x7, mission critical operation. We are looking for a self-starter that is capable of independently performing their daily tasks, but also works well within a team that requires significant coordination and inter-team communication. PRIMARY RESPONSIBILITIES:

• Computer network incident detection and response activities to detect, correlate, identify and characterize anomalous activity that may be indicative of threats to the enterprise.
• Monitor various security tools and applications for possible malicious activities, investigate any associated alerts or indicators, and develop recommendations for a course of action, including mitigation strategies if required.
• Requires good technical writing skills as each event, including the associated analysis, must be documented in a ticketing system so that it can be reviewed and acted on appropriately.
• Requires good communication skills as we are collocated with our customer and regular face-to-face interaction is required throughout the day.
• Must be able to follow Standard Operating Procedures and perform their duties with a high degree of attention to detail, ensuring that all system checks are performed in a timely manner and all documentation is complete and accurate.

• Bachelor's Degree and 4+ yrs of experience; additional years of experience may be substituted in lieu of degree.
• Must have a DoD 8570 IAT Level II (or Level III) Certification (e.g. Sec+ CE)
• Must have a DoD 8570 CSSP Analyst Certification (e.g. CEH), OR able to obtain one within 180 days of starting.
• Must have a DoD 8570 CSSP Infrastructure Support Certification (e.g. CEH, CySA+, SSCP), OR able to obtain one within 180 days of starting.
• Must have strong computing system knowledge, particularly networking, including a knowledge of communication protocols and familiarity with common computing security elements such as IDS/IPS systems and firewalls.
• Must have experience analyzing packet captures.
• Must be able to pass Yankee White clearance processing prior to start.
• Current DoD TS/SCI security clearance.

• Prior CND experience.
• Familiarity with computing security frameworks such as cyber kill chain and att&ck.
• Monitoring of intrusion detection and computer defense appliances and applications, and analysis of associated alerts.
• Documenting analysis and providing response recommendations.
• GSMO
• External Referral Eligible