The Department of Homeland Security (DHS), Security Operations Center (SOC) Support Services is a US Government program responsible to monitor, detect, analyze, mitigate, and respond to cyber threats and adversarial activity on the DHS Enterprise. The DHS SOC has primary responsibility for monitoring and responding to security events and incidents detected at the Trusted Internet Connection (TIC) and Policy Enforcement Point (PEP) and is responsible for directing and coordinating detection and response activities performed by each Component SOC. Direction and coordination are achieved through a new shared DHS incident tracking system and other means of coordination and communication.
Leidos has an immediate need for a Threat Intelligence Analyst to join our SOC Cyber Team.
The ideal Cyber Threat Intelligence Analyst is process driven, curious, and enjoys identifying patterns and anomalies in data that are not immediately obvious.
Identify, track and investigate high priority threat campaigns, malicious actors with the interest, capability and TTPs (Techniques, Tactics and Procedures).
Bring a comprehensive understanding, analyzing and tracking the Cyber Threat landscape, including identifying and analyzing cyber threats actors, APT TTPs and/or activities to enhance cybersecurity posture of the organization’s IT operating environment.
In addition to clearance requirement, all CBP personnel must have a current or be able to favorably pass a 5-year background investigation (BI).
• BS in IT related field or higher and 4-8 years’ experience in an information technology field
• 5+ years of recent experience with host-based and network-based security monitoring solutions and to include security content recommendation or development (host based and network signatures).
• Maintain and drive the development of new reports of Cyber Threat Intelligence analysis to peers, management, and customer teams for purposes of situational awareness and making threat intelligence actionable.
• Provide support to the Security Operations Center during incident response and threat intelligence activities that includes cyber threat analysis support, research, recommending relevant remediation and mitigation.
• Conduct trending and correlation of various cyber intelligence sources for the purposes of indicator collection, shifts in TTPs, attribution and establishing countermeasures to increase cyber resiliency
• Proficient in one more of the following computer languages Python, Bash, Visual Basic or PowerShell in order to support cyber threat detection or reporting.
Host-based and network-based forensics related to the identification of advanced cyber threat activities, intrusion detection, incident response, malware analysis, and security content development (e.g., signatures, rules etc.); and cyber threat intelligence.
Deep understanding of Cyber Kill Chain and applicable analytic models such the Diamond Model, strong written and oral communication skills
• Certified Information System Security Professional (CISSP).
• Previous DOD, IC or Law Enforcement Intelligence or Counterintelligence Training/Experience.
• Knowledge of Structured Analytic Technique
• Developing scripts to support cyber threat detection that outputs results in a variety of formats, such as VB scripts,Python, C++, HTML, XML or other type most appropriate for the task.
Pay Range $78,000.00 – $120,000.00 – $162,000.00
The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.
Leidos / Equal Opportunity Employer
R-00111034 JBLDJ 2023-05-11 18:11:33 UTC
‘-, CLZUU, SKINT, SKCYB, — SKUUU, VA_Ashburn VA_xxx ZC20147