Automation Engineer

You need to sign in or
create an account to save a job.

Job Description:

Do you want to grow your career and be part of a team solving critical challenges that affect the world? Then Leidos is the place for you!

The Department of Homeland Security (DHS), Customs and Border Protection (CBP) Security Operations Center (SOC) is a US Government program responsible to prevent, identify, contain and eradicate cyber threats to CBP networks through monitoring, intrusion detection and protective security services to CBP information systems including local area networks/wide area networks (LAN/WAN), commercial Internet connection, public facing websites, wireless, mobile/cellular, cloud, security devices, servers and workstations.

The CBP SOC is responsible for the overall security of CBP Enterprise-wide information systems, and collects, investigates and reports any suspected and confirmed security violations.

Leidos has an immediate need for Automation Engineer to join our CBP Team. The ideal candidate is someone who is process driven, efficient, and strives to remove tedium from daily workflows.

Primary Responsibilities:
-Author, test, and maintain automation scripts/workflows within SOAR platform
-Design, implement, and maintain efficient and reusable Python code
-Review, debug, and resolve technical issues throughout all stages of SDLC
-Integrate SOAR platform with other security tools and APIs to execute automated workflows
-Coordinate with System Administrators, Engineers, and ISSOs to provision service accounts and/or grant required permissions
-Assist with process development and process improvement for Security Operations to include creation/modification of SOPs, Playbooks, and Work instructions
-Measure effectiveness of process improvement and automation efforts via metrics and KPIs

The ideal candidate will have the following qualifications/experience:
-Have expert proficiency with Python
-Working knowledge of SOAP/REST APIs, JSON, HTML/CSS, Javascript, XML
-Experience with SOAR platforms such as Swimlane, Phantom, Demisto, etc
-Experience as a SOC Analyst and/or Incident Responder
-Authored SOC SOPs, playbooks, work instructions and/or other process documents
-Familiarity with Splunk Search Processing Language (SPL) and/or Elastic Domain Specific Language (DSL)
-General networking knowledge to include operation of routers, firewalls, DNS, DHCP, subnetting, VPN and Web Proxies

Basic Qualifications:
-In addition to clearance requirement, all CBP personnel must have a current or be able to favorably pass a 5 year background investigation (BI).
-BS degree in Science, Technology, Engineering, Math or related field and 8 to 12 years of prior relevant experience with a focus on Cyber security OR MS degree with 6 to 10 years of prior relevant experience.
-Should have 2 years of experience serving as a SOC Analyst or Incident Responder
-Ability to work independently with minimal direction; self-starter/self-motivated

Must have one of the following certifications:
-CompTIA Advanced Security Practitioner (CASP)
-CompTIA Security+
-GCIH - Incident Handler
-GCED - Enterprise Defender
-GMON - Continuous Monitoring Certification
-CISSP - Certified Information Systems Security
-CEH - Certified Ethical Hacker

Pay Range: