Cyber Security Analyst
Leidos has a current job opportunity for a Cyber Security Analyst. This position is located at Patch Barracks in Stuttgart, Germany.
The candidate will be a member of the Defensive Cyber Operations team on the DISA GSM-O program supporting DISA Europe in Stuttgart, Germany. The candidate will perform cyber threat intelligence analysis, correlate actionable security events, and conduct network traffic analysis using raw packet data, NetFlow, IDS, IPS and custom sensor output as it pertains to the cyber security of communications networks. The candidate will also participate in the coordination of resources during incident response efforts.
- Triage and analyze alerts from sensors across monitored networks.
- Conduct network forensics for malicious network activity.
- Provide incident and situational awareness reporting to subscribers of DISA cyber security services.
- Create and modify signatures and custom alerting logic based on adversary activity, vulnerabilities, and internal analysis.
- Implement active mitigations to prevent and/or contain nefarious activity.
- Hold DoD-8570 IAT Level 2 baseline certification (Security+ CE, CISSP or equivalent).
- BS and 4+ years' experience (related experience may be substituted for a degree).
- Hold and maintain an active Top Secret clearance.
- Demonstrated basic understanding of TCP/IP, common networking ports and protocols, traffic flow, system administration, OSI model, defense-in-depth and common security elements.
- Demonstrated commitment to training, self-study and maintaining proficiency in the technical cyber security domain.
- Demonstrated hands-on experience analyzing high volumes of logs, network data (e.g. NetFlow, full packet capture) and other attack artifacts in support of incident investigations.
- Experience and proficiency with any of the following: Anti-Virus, HIPS, IDS, IPS, Full Packet Capture, Host-Based Forensics, Network Forensics, Incident Response.
- Advanced understanding of TCP/IP, common networking ports and protocols, traffic flow, system administration, OSI model, defense-in-depth and common security elements.
- In-depth knowledge of architecture, engineering, and operations of at least one enterprise SIEM platform (e.g. Nitro/McAfee Enterprise Security Manager, ArcSight, QRadar, LogLogic, Splunk).
- Experience with malware analysis concepts and methods.
- Experience developing and deploying signatures (e.g. YARA, Snort, Suricata, HIPS).
- Understanding of Linux and basic Linux commands.
- Understanding of mobile technology and operating systems (e.g. Android, iOS, Windows).
- Familiarity or experience in Lockheed Martin's Intelligence Driven Defense and/or Cyber Kill Chain methodology.
- Advanced certifications such as SANS GIAC (e.g. GCIA, GCIH), CISSP or CASP, and/or SIEM-specific training and certification.
External Referral Eligible
Leidos is a global science and technology solutions leader working to solve the world's toughest challenges in the defense, intelligence, homeland security, civil, and health markets. The company's 33,000 employees support vital missions for government and commercial customers. Headquartered in Reston, Virginia, Leidos reported pro forma annual revenues of approximately $10 billion for the fiscal year ended January 1, 2016 after giving effect to the recently completed combination of Leidos with Lockheed Martin's Information Systems & Global Solutions business (IS&GS). For more information, visit www.Leidos.com. Qualified women, minorities, individuals with disabilities and protected veterans are encouraged to apply. Leidos will consider qualified applicants with criminal histories for employment in accordance with relevant laws. Leidos is an Equal Opportunity Employer.