The Senior Cyber Services Consultant will be executing Cyber services contracts across a variety of large commercial organizations. This individual should be a motivated self-starter and have a strong foundation and understanding in Information Technology and Security Architecture as well as be familiar with security functions of large organizations, specifically security operations. The scope of this role includes the ability to evaluate large security enterprises and their security organizations, development of strategic roadmaps to drive growth and maturity, as well as knowledge on how to implement and drive a plan for transforming an organization to their desired end state. This candidate should have excellent communication skills, both written and oral, be willing to learn and execute on any client requests, and have the ability to interact with all levels of customer staff from the executive level down to highly technical analysts in structured and unstructured situations. The candidate must be able to develop SOC processes, procedures, metrics and training material based on industry best practices. The ideal candidate should be willing to continuously work to improve the Professional Services offerings and deliverables for Leidos customers.
- Self-Starter with ability to spin up quickly on technologies, issues, topics, and advances in the cyber security field
- “Can do” attitude willing to take on challenging opportunities and delivery with excellence for all customer projects and programs
- Strong experience the Information Technology/Information Security industry
- Experience evaluating large corporate enterprise networks and cyber security organizations
- Consulting experience
- Experience with multiple Information Security domains: Cyber Intelligence Analysis, Threat Monitoring, Incident Response, Malware Analysis, Computer Forensics, Cyber Architecture, Endpoint Protection, Network Security, Infrastructure Security, Application Security, Platform Security, Identity & Access Management, Policy & Governance, Cloud Security, End User Education & Awareness, Penetration Testing, Vulnerability Scanning & Management, and Compliance & Risk Management
- Experience with execution of assessments and evaluations of cyber security operations projects to include the development of strategic vision roadmaps, baseline or gap evaluations, and SOC Strategy and Concept of Operations reports
- Knowledge of the cyber threat landscape to include Advanced Persistent Threats, Cyber Crime, Hacktivism; specifically, the tactics, techniques and procedures they apply to a cyber-threat attack.
- Knowledge and understanding of attack method types and their usage in targeted attacks such as phishing, malware implantation, perimeter vulnerabilities, application vulnerabilities, lateral movement, etc.
- Experience developing content-rich final reports and associated deliverables with results of subject matter expert analysis and improvement recommendations
- Experience presenting the results of applied analysis to client stakeholders to include senior or executive leadership
- Knowledge of Large Fortune 500 organizations security programs and their related functions to include the SOC function, vulnerability assessment, penetration testing, security policy and procedure, security infrastructure management, network and host based defense, cyber security metrics, security engineering, etc.
- Prior experience working with the Kill Chain, Diamond Model of Intrusion, and similar frameworks and concepts.
- Cyber security certifications such as CISSP, CEH, GCIA, GCIH, GCFE, and/or Security+
- Experience with cyber security processes, tools, and technologies and extensive knowledge of best practices regarding their implementation
- Strong interpersonal, verbal, and written communication skills to successfully accomplish client-facing interactions
- Familiarity with public cloud architectures and SOC operations that support public cloud operating models.
- Prior experience working in SOC environments across a variety of verticals to include Aerospace & Defense, Energy, Oil and Gas, Financial, High-Tech, Chemical, Pharmaceutical & Healthcare, and/or related industries.
- Prior experience leading an assessment or evaluation of a SOC or large security enterprise to include execution of the assessment, analysis of results, and formulation of a final report for dissemination to key stakeholders.
- Prior experience working in a SOC analyst role with knowledge across Threat Monitoring, Incident Response, and Threat Intelligence.
- Prior experience evaluating and assessing large Fortune 500 organizations from the standpoint of enterprise-wide cyber security projects, programs, and capabilities.
- Prior experience with Operational Technology (OT) environments to include cyber defenses across Process Control Networks (PCN), Integrated Controls Systems (ICS), and/or SCADA systems
- Knowledge of industry best practices and standards to include but not limited to the following; NIST 800-61, NIST Core Security Framework, NIST 800-53, NIST 800-171, ISO 27001/2, and ISO 27035
Leidos is a global science and technology solutions leader working to solve the world’s toughest challenges in the defense, intelligence, homeland security, civil, and health markets. The company’s 33,000 employees support vital missions for government and commercial customers. Headquartered in Reston, Virginia, Leidos reported pro forma annual revenues of approximately $10 billion for the fiscal year ended January 1, 2016 after giving effect to the recently completed combination of Leidos with Lockheed Martin's Information Systems & Global Solutions business (IS&GS). For more information, visit www.Leidos.com. The company’s diverse employees support vital missions for government and commercial customers. Qualified women, minorities, individuals with disabilities and protected veterans are encouraged to apply. Leidos will consider qualified applicants with criminal histories for employment in accordance with relevant Laws. Leidos is an Equal Opportunity Employer.