Leidos

Incident Response Deputy Team Lead with Security Clearance

Leidos, Ashburn, Virginia, United States, 22011



The Leidos Digital Modernization Team is seeking an Incident Response Deputy Team Lead. The U.S. Department of Homeland Security (DHS), Customs and Border Protection (CBP) Security Operations Center (SOC) is responsible for preventing, identifying, containing, and eradicating cyber threats to CBP networks through monitoring, intrusion detection, and protective security services.

As a leader of this highly visible SOC for U.S. Customs and Border Protection (CBP), you will be responsible for managing day-to-day operations of the team, coordinating efforts, leading by example, and performing in-depth technical analysis of network and endpoint logs and activity.

Primary Responsibilities:

Manage the team of Cyber Threat Hunt Analysts and schedule threat hunts.
Partner with other task leads in support of customer initiatives and cyber incidents.
Create dashboards for key metrics and deliver technical presentations to customer leadership.
Interface with senior DHS and CBP leaders to maintain critical systems.
Utilize technologies such as host forensics tools, Endpoint Detection and Response tools, and log analysis tools to perform investigative activity.
Conduct in-depth analysis on hosts and networks, forensic analysis, and triage in support of incident response.
Recognize attacker activity and develop security content to enhance incident investigation processes.
Lead incident response activities and mentor junior SOC staff.
Work with key stakeholders to implement remediation plans in response to incidents.
Effectively investigate and identify root cause findings and communicate them to stakeholders.

Basic Qualifications:

Bachelor's degree in a science or engineering field, IT, or a Cybersecurity-related field.
8–12 years of experience in incident detection and response, remediation, or computer forensics.
Ability to prioritize and complete multiple tasks with little to no supervision.
Experience organizing and managing contract operation support functions.
Advanced knowledge of the Incident Response Lifecycle.
Effective communication skills with attention to detail.
Experience creating new processes and playbooks for new tools.
Ability to script in one or more programming languages (Python, Bash, etc.).
Experience running cyber incident investigations with attention to detail.

Clearance:

All CBP SOC employees are required to successfully complete a CBP Background Investigation.

Preferred Qualifications:

Experience in Federal Government, DOD, or Law Enforcement in a CND, CIRT, or SOC role.
Knowledge of the Cyber Kill Chain and the MITRE ATT&CK framework.
Knowledge of Structured Analytic Techniques.

Required Certifications:

The candidate should have at minimum ONE of the following certifications:
CompTIA Cyber Security Analyst (CySA+)
CompTIA Linux Network Professional (CLNP)
CompTIA Pentest+
OSCP (Certified Professional)
CISSP – Certified Information Systems Security
CEH – Certified Ethical Hacker

Original Posting Date: 2024-09-20
Pay Range: $101,400.00 – $183,300.00
