SOC Analyst Community, Social Services & Nonprofit - Severn, MD at Geebo

SOC Analyst

Description: The Leidos DES (Defense Enclave Services) team is supporting an extensive digital modernization program critical to DISA and Fourth Estate Agencies and currently has an opening for a SOC Analyst located at Ft. Meade, MD.
PROGRAM Summary:
The Defense Enclave Services contract will unify the DOD Fourth Estate Defense Agencies and Field Activities' common use information technology systems, personnel, functions and program elements under the direction of DISA's Fourth Estate Network Optimization program office.
CLEARANCE REQUIREMENT:
  • Must hold an active Top Secret clearance and be able to obtain and maintain a TS/SCI security clearance. (US Citizenship required)
PRIMARY Responsibilities:
  • Provide SOC and Incident Response support, which is 24x7x365 coordination, execution, and implementation of all actions required for the containment, eradication, and recovery measures for events and incidents.
  • Monitor and reply to events and alerts from the SIEM, monitoring tools, and other network tools.
  • Investigate events of interest and escalate to senior NOC / SOC members.
  • Work closely with both on-site and remote users to coordinate site visits and upgrades, provide on-site and remote resolution for trouble calls, and provide TIER 2/3 support of production systems.
  • Drive incidents from discovery to closure and reporting, with comprehension of escalation procedures and criteria.
  • Categorize incidents & events, and partner with appropriate authorities in the production of security incident reports.
  • Coordinate with other DISA organizations, activities, and other services as appropriate to de-conflict blue / red team activity with open incidents/events.
  • Build timelines, documents, briefings, and other products as required to inform stakeholders of incident response actions, analysis, and the impact of both adversary activity and blue force response actions.
  • While not in a period of incident response, you will conduct continuous exercises and dry runs to improve response outcomes in the event of a cyber-incident.
  • Provide cybersecurity root-cause analysis in support of any tickets for which it fails to meet the Acceptable Quality Levels (AQLs). This root-cause analysis will include documenting recommendations for corrective action.
  • Systems administration of desktop and server systems linked to local and wide area networks.
  • Provide enterprise recommendations to Leidos and DISA leadership to remediate environment-wide issues, support continuous process improvement, and report analysis.
  • Investigate compromised endpoints, identifying IOCs within the environment and conveying the impact of discovered events to users and other teams.
  • Support Day Shift/Core hours.
BASIC Qualifications:
  • Bachelor's degree and 8 years of relevant experience; additional years of experience may be substituted in lieu of a degree.
  • Must have an active DoD IAT Level II certification, prior to start (Sec+).
  • Systems administration experience - desktop and server systems connected to local and wide area networks.
  • Troubleshooting skills and knowledge of a troubleshooting methodology.
  • Incident Response Experience.
  • Knowledge Management skills to follow and create documentation.
PREFERRED Qualifications:
  • Certifications such as CySA, CEH, GCIA, or GCIH.
  • Experience with enterprise antivirus solutions.
  • Experience with vulnerability scanners.
  • Incident Response Certification.
  • KQL/Office 365 Incident response experience.
DISADES
External Referral Eligible
Pay Range: $97,500.00 - $176,250.00
The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary.
Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.
Recommended Skills:
  • Certified Ethical Hacker
  • Computer Networks
  • Corrective And Preventive Action (CAPA)
  • Dry Runs
  • GIAC Certified Incident Handler
  • Information Technology
Estimated Salary: $20 to $28 per hour based on qualifications.
