Leidos
Cyber Network Defense Analyst
Leidos, Washington, District of Columbia, us, 20022
Leidos is seeking a
Cyber Network Defense Analyst (CNDA)
to join our team on a highly visible cyber security single-award IDIQ vehicle that provides Network Operations Security Center (NOSC) support, cyber analysis, application development, and a 24x7x365 support staff.The Network Operations Security Center (NOSC) is a U.S. Government program responsible to monitor, detect, analyze, mitigate, and respond to cyber threats and adversarial activity on the e
nterprise.
The NOSC has primary responsibility for monitoring and responding to security events and incidents detected at the Trusted Internet Connection (TIC) and Policy Enforcement Point (PEP) and is responsible for directing and coordinating detection and response activities performed by each Component SOC. Direction and coordination are achieved through a shared customer incident tracking system and other means of coordination and
communication.
The Monitoring and Analysis team provide 24x7 support across 4 different shifts. We have front half shifts (day and night) and back half shifts (day and night). The front half shift will work 12-hour shifts from Sunday – Tuesday and alternating Wednesdays. The back half shift will work 12-hour shifts from Thursday – Saturday and alternating Wednesdays. Candidates must have the ability to work non-core hours, if necessary.Duties include network security monitoring and detection, proactively searching for threats, inspecting traffic for anomalies and new malware patterns, investigating and analyzing logs, providing analysis and response to alerts, and documenting activity in NOSC investigations and Security Event Notifications (SENs).Primary Responsibilities:Manage and conduct hands-on technical detection, analysis, containment, eradication, and remediation as a member of the
Incident Response
teamGuide and mentor peers and subordinates to provide cross trainingEnsure accountability and punctuality of security analysts assigned to your shiftCapture cybersecurity metrics that support executive-level briefings (daily, weekly, monthly)Articulate daily challenges to the Government Watch Officer (GWO)Analyze web and host logs for indications of compromiseRemediate and coordinate the remediation of infected or compromised devicesEnsure shift continuity during call-outs and emergenciesCompile incident reports, executive summaries, and analysis reports of intrusions and/or security eventsDocument and update processes, workflows, and technical guidesPerform simple firewall rule changes (after training)Clearance Required:Must have
TS/SCI
clearance to start. Top Secret clearance candidatess will be considered. Preference to candidates with current/active TS/SCI clearance.Basic Qualifications:Candidates should also demonstrate the following:Bachelor's Degree and
4+ years of SOC analyst
experience. (Additional experience may be considered in lieu of a degree)Extensive knowledge of a
SOC ’s/ NOSC ’s purpose and role within an organizationDetailed understanding of common network ports and protocols (e.g. TCP/UDP, HTTP, ICMP, DNS, SMTP, etc)Expertise with network topologies and network security device functions (e.g. Firewall, IDS/IPS, Proxy, DNS, etc) .Expertise with packet analysis tools such as
WiresharkCertification Requirement :
Sec+, CEH, CySA+ or SANS certsOriginal Posting Date:2024-07-22
DescriptionLeidos is seeking a
Cyber Network Defense Analyst (CNDA)
to join our team on a highly visible cyber security single-award IDIQ vehicle that provides Network Operations Security Center (NOSC) support, cyber analysis, application development, and a 24x7x365 support staff.The Network Operations Security Center (NOSC) is a U.S. Government program responsible to monitor, detect, analyze, mitigate, and respond to cyber threats and adversarial activity on the e
nterprise.
The NOSC has primary responsibility for monitoring and responding to security events and incidents detected at the Trusted Internet Connection (TIC) and Policy Enforcement Point (PEP) and is responsible for directing and coordinating detection and response activities performed by each Component SOC. Direction and coordination are achieved through a shared customer incident tracking system and other means of coordination and
communication.
The Monitoring and Analysis team provide 24x7 support across 4 different shifts. We have front half shifts (day and night) and back half shifts (day and night). The front half shift will work 12-hour shifts from Sunday – Tuesday and alternating Wednesdays. The back half shift will work 12-hour shifts from Thursday – Saturday and alternating Wednesdays. Candidates must have the ability to work non-core hours, if necessary.Duties include network security monitoring and detection, proactively searching for threats, inspecting traffic for anomalies and new malware patterns, investigating and analyzing logs, providing analysis and response to alerts, and documenting activity in NOSC investigations and Security Event Notifications (SENs).Primary Responsibilities:Manage and conduct hands-on technical detection, analysis, containment, eradication, and remediation as a member of the
Incident Response
team
Guide and mentor peers and subordinates to provide cross training
Ensure accountability and punctuality of security analysts assigned to your shift
Capture cybersecurity metrics that support executive-level briefings (daily, weekly, monthly)
Articulate daily challenges to the Government Watch Officer (GWO)
Analyze web and host logs for indications of compromise
Remediate and coordinate the remediation of infected or compromised devices
Ensure shift continuity during call-outs and emergencies
Compile incident reports, executive summaries, and analysis reports of intrusions and/or security events
Document and update processes, workflows, and technical guides
Perform simple firewall rule changes (after training)
Clearance Required:Must have
TS/SCI
clearance to start. Top Secret clearance candidatess will be considered. Preference to candidates with current/active TS/SCI clearance.
US Citizenship required
Basic Qualifications:Candidates should also demonstrate the following:Bachelor's Degree and
4+ years of SOC analyst
experience. (Additional experience may be considered in lieu of a degree)Extensive knowledge of a
SOC ’s/ NOSC ’s purpose and role within an organization
Detailed understanding of common network ports and protocols (e.g. TCP/UDP, HTTP, ICMP, DNS, SMTP, etc)
Expertise with network topologies and network security device functions (e.g. Firewall, IDS/IPS, Proxy, DNS, etc) .
Expertise with packet analysis tools such as
Wireshark
Certification Requirement :
Sec+, CEH, CySA+ or SANS certsOriginal Posting Date:2024-07-22 While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.Pay Range:Pay Range $81,250.00 - $146,875.00
The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.
Receive tips & info on cleared job search, security clearances and career development.
#J-18808-Ljbffr
Cyber Network Defense Analyst (CNDA)
to join our team on a highly visible cyber security single-award IDIQ vehicle that provides Network Operations Security Center (NOSC) support, cyber analysis, application development, and a 24x7x365 support staff.The Network Operations Security Center (NOSC) is a U.S. Government program responsible to monitor, detect, analyze, mitigate, and respond to cyber threats and adversarial activity on the e
nterprise.
The NOSC has primary responsibility for monitoring and responding to security events and incidents detected at the Trusted Internet Connection (TIC) and Policy Enforcement Point (PEP) and is responsible for directing and coordinating detection and response activities performed by each Component SOC. Direction and coordination are achieved through a shared customer incident tracking system and other means of coordination and
communication.
The Monitoring and Analysis team provide 24x7 support across 4 different shifts. We have front half shifts (day and night) and back half shifts (day and night). The front half shift will work 12-hour shifts from Sunday – Tuesday and alternating Wednesdays. The back half shift will work 12-hour shifts from Thursday – Saturday and alternating Wednesdays. Candidates must have the ability to work non-core hours, if necessary.Duties include network security monitoring and detection, proactively searching for threats, inspecting traffic for anomalies and new malware patterns, investigating and analyzing logs, providing analysis and response to alerts, and documenting activity in NOSC investigations and Security Event Notifications (SENs).Primary Responsibilities:Manage and conduct hands-on technical detection, analysis, containment, eradication, and remediation as a member of the
Incident Response
teamGuide and mentor peers and subordinates to provide cross trainingEnsure accountability and punctuality of security analysts assigned to your shiftCapture cybersecurity metrics that support executive-level briefings (daily, weekly, monthly)Articulate daily challenges to the Government Watch Officer (GWO)Analyze web and host logs for indications of compromiseRemediate and coordinate the remediation of infected or compromised devicesEnsure shift continuity during call-outs and emergenciesCompile incident reports, executive summaries, and analysis reports of intrusions and/or security eventsDocument and update processes, workflows, and technical guidesPerform simple firewall rule changes (after training)Clearance Required:Must have
TS/SCI
clearance to start. Top Secret clearance candidatess will be considered. Preference to candidates with current/active TS/SCI clearance.Basic Qualifications:Candidates should also demonstrate the following:Bachelor's Degree and
4+ years of SOC analyst
experience. (Additional experience may be considered in lieu of a degree)Extensive knowledge of a
SOC ’s/ NOSC ’s purpose and role within an organizationDetailed understanding of common network ports and protocols (e.g. TCP/UDP, HTTP, ICMP, DNS, SMTP, etc)Expertise with network topologies and network security device functions (e.g. Firewall, IDS/IPS, Proxy, DNS, etc) .Expertise with packet analysis tools such as
WiresharkCertification Requirement :
Sec+, CEH, CySA+ or SANS certsOriginal Posting Date:2024-07-22
DescriptionLeidos is seeking a
Cyber Network Defense Analyst (CNDA)
to join our team on a highly visible cyber security single-award IDIQ vehicle that provides Network Operations Security Center (NOSC) support, cyber analysis, application development, and a 24x7x365 support staff.The Network Operations Security Center (NOSC) is a U.S. Government program responsible to monitor, detect, analyze, mitigate, and respond to cyber threats and adversarial activity on the e
nterprise.
The NOSC has primary responsibility for monitoring and responding to security events and incidents detected at the Trusted Internet Connection (TIC) and Policy Enforcement Point (PEP) and is responsible for directing and coordinating detection and response activities performed by each Component SOC. Direction and coordination are achieved through a shared customer incident tracking system and other means of coordination and
communication.
The Monitoring and Analysis team provide 24x7 support across 4 different shifts. We have front half shifts (day and night) and back half shifts (day and night). The front half shift will work 12-hour shifts from Sunday – Tuesday and alternating Wednesdays. The back half shift will work 12-hour shifts from Thursday – Saturday and alternating Wednesdays. Candidates must have the ability to work non-core hours, if necessary.Duties include network security monitoring and detection, proactively searching for threats, inspecting traffic for anomalies and new malware patterns, investigating and analyzing logs, providing analysis and response to alerts, and documenting activity in NOSC investigations and Security Event Notifications (SENs).Primary Responsibilities:Manage and conduct hands-on technical detection, analysis, containment, eradication, and remediation as a member of the
Incident Response
team
Guide and mentor peers and subordinates to provide cross training
Ensure accountability and punctuality of security analysts assigned to your shift
Capture cybersecurity metrics that support executive-level briefings (daily, weekly, monthly)
Articulate daily challenges to the Government Watch Officer (GWO)
Analyze web and host logs for indications of compromise
Remediate and coordinate the remediation of infected or compromised devices
Ensure shift continuity during call-outs and emergencies
Compile incident reports, executive summaries, and analysis reports of intrusions and/or security events
Document and update processes, workflows, and technical guides
Perform simple firewall rule changes (after training)
Clearance Required:Must have
TS/SCI
clearance to start. Top Secret clearance candidatess will be considered. Preference to candidates with current/active TS/SCI clearance.
US Citizenship required
Basic Qualifications:Candidates should also demonstrate the following:Bachelor's Degree and
4+ years of SOC analyst
experience. (Additional experience may be considered in lieu of a degree)Extensive knowledge of a
SOC ’s/ NOSC ’s purpose and role within an organization
Detailed understanding of common network ports and protocols (e.g. TCP/UDP, HTTP, ICMP, DNS, SMTP, etc)
Expertise with network topologies and network security device functions (e.g. Firewall, IDS/IPS, Proxy, DNS, etc) .
Expertise with packet analysis tools such as
Wireshark
Certification Requirement :
Sec+, CEH, CySA+ or SANS certsOriginal Posting Date:2024-07-22 While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.Pay Range:Pay Range $81,250.00 - $146,875.00
The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.
Receive tips & info on cleared job search, security clearances and career development.
#J-18808-Ljbffr