Description

We have an IMMEDIATE NEED for a Sr. Cyber Security Analyst responsible for supporting the cyber security program and strategy at a tactical and operational level (network, infrastructure, applications, and databases) to ensure that security controls are functioning efficiently and effectively, more specifically in the realm of security logging, monitoring, alert management, incident handling vulnerability and configuration management.

Candidates will work directly with Team leads, developers and operations throughout a DevSecOps life cycle both on policy and technical implementation of technologies.

Basic Qualifications:

• Investigate and respond to cyber security incidents (system and/or network breaches, malware attacks) and implement forensic investigations.

• Research and evaluate emerging cyber security threats and ways to manage them.

• Proactively identify security flaws and vulnerabilities.

• Audit systems for secure configuration.

• System & network security monitoring with security information event management tools.

• Conducts vulnerability routine scanning, provides formal and informal reports to IT team and tracks remediation efforts

• Participate in data and root cause analysis for each service impacting incident with all possible corrective actions for improvement.

• Continuously review security bulletins and related news; stay apprised of current threats and trends.

• Track common vulnerabilities and exposures (CVE) based security threats and map to internal controls and remediation plans.

• Monitor networks for security breaches and conduct root cause analysis (RCA) post breach.

• Performs other duties as assigned.

• Candidate must have a BS degree and 8 years of prior relevant experience. Will consider 4 additional years of related experience in lieu of a degree.

**Candidate must have an active TS/SCI with a polygraph.

Preferred Qualifications:

• Familiar with SEIM and Cloud Computing Technologies (AWS)

• Experienced with HBSS, IDS/IPS, VPNs, DISA STIGs

• Experience with RHEL

• Experience with Risk Management Framework

• Experience with Agile Software Development

• Knowledge of potential attack vectors such as XSS, injection, hijacking, social engineering

• Experiences with at least one vulnerability scanning tool (AWS Inspector, Nexpose Rapid 7, Appdetective, Webinspect, etc.)

• Experience with system health tools (Appdynamic, Nagios, Solarwinds)

The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.