Junior Cyber Network Defense Analyst

Description

Job Description:

Leidos is seeking a Junior Cyber Network Defense Analyst to join our team on a highly visible cyber security single-award IDIQ vehicle that provides security operations center (SOC) support, cyber analysis, application development, and a 24x7x365 support staff.

The Monitoring and Analysis team provides 24x7 support across 4 different shifts: front half shifts (day and night) and back half shifts (day and night). The front half shift works 12-hour shifts from Sunday through Tuesday and alternating Wednesdays. The back half shift works 12-hour shifts from Thursday through Saturday and alternating Wednesdays. Candidates must have the ability to work non-core hours if necessary.

Primary Responsibilities
  • Utilize a SIEM for enterprise monitoring and detection
  • Create Security Event Notifications to document investigation findings
  • Perform critical thinking and analysis to investigate cyber security alerts
  • Analyze network traffic using enterprise tools (e.g. full PCAP, firewall logs, proxy logs, IDS logs, etc.)
  • Collaborate with team members to analyze an alert or a threat
  • Stay up to date with latest threats
  • Monitor shared email box for notifications and requests
  • Utilize OSINT to aid in investigations
  • Contribute to content tuning requests


Basic Qualifications

All Junior Cyber Network Defense Analyst candidates shall have a bachelor's degree in Computer Science, Engineering, Information Technology, Cybersecurity, or a related field AND a minimum of 2 years of professional experience in the areas listed below:
  • Network Administration
  • Unix/Linux Administration
  • Software engineering
  • Software development
  • Systems administration
  • Help desk/IT support

The ideal candidate is a self-motivated individual in pursuit of a career in cyber security.

Candidates should also demonstrate the following:
  • Familiarity with a SOC's purpose and role within an organization
  • General understanding of common network ports and protocols (e.g. TCP/UDP, HTTP, ICMP, DNS, SMTP, etc.)
  • Familiarity with network topologies and network security device functions (e.g. firewall, IDS/IPS, proxy, DNS, etc.)
  • Familiarity with packet analysis tools such as Wireshark
  • Able to perform critical thinking and analysis to investigate cyber security alerts
  • Familiarity with common malware and attack vectors
  • Familiarity with Windows operating systems and standard OS logging
  • Familiarity with Antivirus, DLP, and host based firewalls

Must have at least one of the following certifications:
  • CompTIA: Security+, Network+, CASP
  • SANS GIAC: GCIA, GCIH, GCFA, GPEN, GWAPT, GCFE, GREM, GXPN, GMON, or GISF
  • EC-Council: CEH, CHFI, LPT, ECSA
  • ISC2: CCFP, CCSP, CISSP; CERT: CSIH
  • Offensive Security: OSCP, OSCE, OSWP, OSEE

Must have current TS/SCI. In addition to specific security clearance requirements, all Department of Homeland Security SOC employees are required to obtain an Entry on Duty (EOD) clearance to support this program.

Preferred Qualifications
  • Familiar with SOC methodologies and processes
  • Familiarity with scripting languages (e.g. Python, PowerShell, JavaScript, VBS, etc.)


Pay Range: