Apply on Employer Site

Leidos · 3 days ago

Cyber Intrusion Analyst

Pearl Harbor, HI

Full-time

Onsite

Entry, Mid Level

$70K/yr - $126K/yr

2+ years exp

Leidos is a leading technology company specializing in defense, aviation, information technology, and cybersecurity. They are seeking a Cyber Intrusion Analyst to join their Network Assurance Team, responsible for monitoring and responding to cybersecurity incidents while providing technical leadership and support for various security initiatives.

ComputerGovernmentInformation ServicesInformation TechnologyNational SecuritySoftware

No H1B

Security Clearance Required

U.S. Citizen Only

Responsibilities

Perform computer network incident detection, and response activities to detect, correlate, identify and characterize anomalous activity that may be indicative of threats to the enterprise

Monitor various security tools and applications for possible malicious activities, investigate any associated alerts or indicators, and develop recommendations for a course of action, including mitigation strategies as necessary

Conduct analysis of low-level (“low and slow”) events to identify unauthorized activity utilizing exploratory problem-solving or self-learning techniques

Conduct near real-time event triage and analysis, which can result in network traffic validations or a Mission Partner’s incident report

Utilize formal monitoring policies and procedures that include the appropriate use of DoD-approved network monitoring and traffic analysis tools to assist with identifying suspicious, anomalous, or overtly malicious network traffic on a 24/7/365 basis

Review and analyze available logs in a timely manner to detect intruders and notify Mission Partners of activity through a formal reporting process/pending an incident report

Apply, develop, tune, and distribute or optimize new and existing countermeasures or guidance to prevent or mitigate potential cyber event impacts when possible

Perform network traffic analysis utilizing raw packet data, net flow, IDS, IPS and custom sensor output, as it pertains to the cyber security of communications networks

Understand attack signatures, tactics, techniques, and procedures associated with advanced threats

Requires good technical writing skills as each event, including the associated analysis, are documented in a ticketing system for review and action

Requires excellent communication skills as we are collocated with our customer and regular face-to-face interaction is necessary throughout the day, as well as significant coordination and communication between team members

Qualification

CND dutiesDoD 8570 IAT Level II CertificationNetwork traffic analysisPacket capture evaluationCommand Line ScriptingHacker TTPIntrusion detection monitoringSoftware exploitsTechnical writingCommunication skills

Required

Minimum active DoD Secret clearance with ability to obtain Top Secret (active TS strongly preferred)

Current DoD 8570 IAT Level II Certification (e.g. Sec+ CE) or higher at time of start

Ability to obtain DoD 8570 CSSP-Analyst certification, such as CEH, CySA+, GCIA or equivalent, within 180 days of hire

Bachelor's and 2+ years of relevant experience; additional relevant work experience and/or military service may be considered in lieu of degree

Experience working CND duties (e.g., Protect, Defend, Respond, and Sustain)

Experience working with DoD / Government Leaders at all levels

Strong computing system knowledge, particularly networking, including a knowledge of communication protocols and familiarity with common computing security elements such as IDS/IPS systems and firewalls

Experience evaluating packet captures

Willingness and ability to perform shift work (shifts may not be static)