IT Security Analyst

Description Leidos has a current job opportunity for a Senior Cyber Security Analyst/Elastic Detection Engineer specializing in data integration, model development, and system architecture. Areas of focus would be working with Elastic Stack (Elasticsearch, Logstash, Kibana) to develop, manage, and support scalable search and analytics solutions for the DISA GSM-O II program in Pearl Harbor, HI.A successful candidate will have experience in cyber analysis/incident response and data onboarding, content development, configuration, troubleshooting, reporting, and visualizations. This role requires technical expertise in Elastic Stack, a deep understanding of SIEM architecture, and hands-on experience with data ingestion, tuning, and monitoring in secure environments. POSITION SUMMARY:The Senior Cyber Security Analyst/Elastic Detection Engineer develops SIEM/SOAR capabilities to support the team’s Cyber Security Service Provider (CSSP) services. This will include developing, implementing, and executing standard procedures for the "front-end" operation within Elastic. They will also be responsible for content development to include reports, dashboards, analytic rules, filters, and metrics. PRIMARY RESPONSIBILITIES:Monitor and optimize the performance of Elastic Stack clusters to ensure high availability, reliability, and performance.Work with site threat emulation/analytic development team to maximize detectionopportunities referenced to the MITRE ATT&CK framework.Customer Visualization Support: Support customer-driven visualization requirements and collaborate on data integration and Kibana dashboard development.Design, develop, and maintain custom dashboards using Elastic stack for monitoring and visualization of system metrics, logs, and traces.Create and maintain comprehensive documentation for Elastic Stack configurations, processes, and procedures. BASIC QUALIFICATIONS:Active DoD Secret security clearance and ability to obtain TS/SCIDoD 8570 IAT level II or higher certification such as CompTIA Security+ CE, ISC2 SSCP,SANS GSEC prior to starting.DoD 8570 CSSP-A level Certification such as CEH, CySA+, GCIA or other certification isrequired within 180 days of hire.Demonstrated commitment to training, self-study and maintaining proficiency in thetechnical cyber security domain.Bachelor's degree and 8+ years of prior relevant experience; additional workexperience or Cyber courses/certifications may be substituted in lieu of degree.In-depth knowledge of architecture, engineering, and operations of Elastic Stack Strong written and oral communications skills and strong analytical and troubleshootingskills.An ability to think critically and work independently. PREFERRED QUALIFICATIONS: CND experience (Protect, Detect, Respond and Sustain) within a Computer IncidentResponse organizationAdvanced certifications in Elastic Stack or SIEM are preferredStrong knowledge of security information and event management (SIEM) systems, data pipelines, and threat detection methodologies.Demonstrated understanding of the life cycle of network threats, attacks, attack vectorsand methods of exploitation with an understanding of intrusion set tactics, techniques andprocedures (TTPs).Advanced understanding of TCP/IP, common networking ports and protocols, traffic flow,system administration, OSI model, defense-in-depth and common security elements.Unix/Linux command line experience.Scripting and programming experience such as PowerShell, bash, or python.Familiarity or experience in Intelligence Driven Defense and/or Cyber Kill Chainmethodology.Existing 8570 CSSP Analyst Certifications (CEH), CySA+, etc.Vendor specific certifications.Original Posting Date:2024-10-25While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.Pay Range:Pay Range $101,400.00 - $183,300.00The Leidos pay range for this job level is a general guideline onlyand not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.