Leidos
IT Security Analyst
Leidos, Joint Base Pearl Harbor Hickam, Hawaii, United States,
DescriptionLeidos has a current job opportunity for a Senior Cyber Security Analyst/
Elastic
Detection Engineer
specializing in
data integration, model development, and system architecture.
Areas of focus would be
working with Elastic Stack (Elasticsearch, Logstash, Kibana) to develop, manage, and support scalable search and analytics solutions
for the DISA GSM-O II program in
Pearl Harbor
,
HI
.
A successful candidate will have experience in cyber analysis/incident response and
data onboarding, content development, configuration, troubleshooting, reporting, and visualizations
.
This role requires technical
expertise
in Elastic Stack, a deep understanding of SIEM architecture, and hands-on experience with data ingestion, tuning, and monitoring in secure environments
.
POSITION SUMMARY:The Senior Cyber Security Analyst/
Elastic
Detection Engineer develops SIEM/SOAR capabilities to support
the team’s Cyber Security Service Provider (CSSP) services. This will include developing, implementing,
and executing standard procedures for the "front-end" operation within
Elastic
. They will also
be responsible for
content development to include reports, dashboards, analytic rules, filters, and
metrics.
PRIMARY RESPONSIBILITIES:Monitor
and
optimize
the performance of Elastic Stack clusters to ensure high availability, reliability, and performance.Work with site threat emulation/analytic development team to maximize detection
opportunities referenced to the MITRE ATT&CK framework.Customer Visualization Support: Support customer-driven visualization requirements and collaborate on data integration and Kibana dashboard development.Design, develop, and
maintain
custom dashboards using Elastic stack for monitoring and visualization of system metrics, logs, and traces
.Create and
maintain
comprehensive documentation for Elastic Stack configurations, processes, and procedures.
BASIC QUALIFICATIONS:Active DoD Secret security clearance and ability to obtain TS/SCIDoD 8570 IAT level II or higher certification such as CompTIA Security+ CE, ISC2 SSCP,
SANS GSEC prior to starting.DoD 8570 CSSP-A level Certification such as CEH,
CySA
+, GCIA or other certification is
required within 180 days of hire.Demonstrated
commitment to training, self-study and
maintaining
proficiency
in the
technical cyber security domain.Bachelor's degree and 8
+
years of prior relevant experience;
additional
workexperience or Cyber courses/certifications may be substituted in lieu of degree.In-depth knowledge of architecture, engineering, and operations of
Elastic StackStrong written and oral communications skills and strong analytical and troubleshooting
skills.An ability to think critically and work independently.
PREFERRED QUALIFICATIONS:CND experience (Protect, Detect, Respond and Sustain) within a Computer Incident
Response organizationAdvanced certifications in Elastic Stack or SIEM are preferredStrong knowledge of security information and event management (SIEM) systems, data pipelines, and threat detection methodologies.Demonstrated
understanding of the life cycle of network threats, attacks, attack vectors
and methods of exploitation with an understanding of intrusion set tactics, techniques and
procedures (TTPs).Advanced understanding of TCP/IP, common networking ports and protocols, traffic flow,
system administration, OSI model, defense-in-depth
and common security elements.Unix/Linux command line experience.Scripting and programming experience such as PowerShell, bash, or python.Familiarity or experience in Intelligence Driven Defense and/or Cyber Kill Chainmethodology
.Existing 8570 CSSP Analyst Certifications (CEH),
CySA
+, etc.Vendor specific certifications.Original Posting Date:
2024-10-25 While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.
Pay Range:
Pay Range $101,400.00 - $183,300.00The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.
Elastic
Detection Engineer
specializing in
data integration, model development, and system architecture.
Areas of focus would be
working with Elastic Stack (Elasticsearch, Logstash, Kibana) to develop, manage, and support scalable search and analytics solutions
for the DISA GSM-O II program in
Pearl Harbor
,
HI
.
A successful candidate will have experience in cyber analysis/incident response and
data onboarding, content development, configuration, troubleshooting, reporting, and visualizations
.
This role requires technical
expertise
in Elastic Stack, a deep understanding of SIEM architecture, and hands-on experience with data ingestion, tuning, and monitoring in secure environments
.
POSITION SUMMARY:The Senior Cyber Security Analyst/
Elastic
Detection Engineer develops SIEM/SOAR capabilities to support
the team’s Cyber Security Service Provider (CSSP) services. This will include developing, implementing,
and executing standard procedures for the "front-end" operation within
Elastic
. They will also
be responsible for
content development to include reports, dashboards, analytic rules, filters, and
metrics.
PRIMARY RESPONSIBILITIES:Monitor
and
optimize
the performance of Elastic Stack clusters to ensure high availability, reliability, and performance.Work with site threat emulation/analytic development team to maximize detection
opportunities referenced to the MITRE ATT&CK framework.Customer Visualization Support: Support customer-driven visualization requirements and collaborate on data integration and Kibana dashboard development.Design, develop, and
maintain
custom dashboards using Elastic stack for monitoring and visualization of system metrics, logs, and traces
.Create and
maintain
comprehensive documentation for Elastic Stack configurations, processes, and procedures.
BASIC QUALIFICATIONS:Active DoD Secret security clearance and ability to obtain TS/SCIDoD 8570 IAT level II or higher certification such as CompTIA Security+ CE, ISC2 SSCP,
SANS GSEC prior to starting.DoD 8570 CSSP-A level Certification such as CEH,
CySA
+, GCIA or other certification is
required within 180 days of hire.Demonstrated
commitment to training, self-study and
maintaining
proficiency
in the
technical cyber security domain.Bachelor's degree and 8
+
years of prior relevant experience;
additional
workexperience or Cyber courses/certifications may be substituted in lieu of degree.In-depth knowledge of architecture, engineering, and operations of
Elastic StackStrong written and oral communications skills and strong analytical and troubleshooting
skills.An ability to think critically and work independently.
PREFERRED QUALIFICATIONS:CND experience (Protect, Detect, Respond and Sustain) within a Computer Incident
Response organizationAdvanced certifications in Elastic Stack or SIEM are preferredStrong knowledge of security information and event management (SIEM) systems, data pipelines, and threat detection methodologies.Demonstrated
understanding of the life cycle of network threats, attacks, attack vectors
and methods of exploitation with an understanding of intrusion set tactics, techniques and
procedures (TTPs).Advanced understanding of TCP/IP, common networking ports and protocols, traffic flow,
system administration, OSI model, defense-in-depth
and common security elements.Unix/Linux command line experience.Scripting and programming experience such as PowerShell, bash, or python.Familiarity or experience in Intelligence Driven Defense and/or Cyber Kill Chainmethodology
.Existing 8570 CSSP Analyst Certifications (CEH),
CySA
+, etc.Vendor specific certifications.Original Posting Date:
2024-10-25 While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.
Pay Range:
Pay Range $101,400.00 - $183,300.00The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.