Network and Security Operations Center (NSOC) Incident Response Lead
9630 Joint Base Langley Eustis VA
Full Time Senior-level / Expert Clearance required USD 131K - 237K
Leidos is seeking an experienced Incident Response (IR) Lead to support a highly visible NSOC position. Reporting to the Leidos NSOC Lead, the NSOC Response Lead is responsible to independently lead teams of operators through the incident response lifecycle.
The position may require occasional short-term travel to CONUS and OCONUS sites. This position may require an infrequent shift in workday schedule to support exercises occurring over weekends.
Primary Responsibilities
Assesses, categorizes, recommends prioritization, develops, reports on, guides, and assumes responsibility for cyber-IR actions in accordance with NIST SP 800-61 Rev. 2.
Leads the IR team.
Conducts in-depth analysis on hosts and networks, forensic analysis, log analysis, and triage in support of IR.
Develops and builds security content, scripts, tools, or methods to enhance the incident investigation processes.
Recognize attacker and APT activity, tactics, and procedures as indicators of compromise (IOCs) that can be used to improve monitoring, analysis, and incident response processes.
Utilizes technologies such as host forensics tools, Endpoint Detection & Response tools, log analysis and full packet capture to perform hunt and investigative activity to examine endpoint and network-based data.
Populates dashboards with key metrics and processes and deliver technical presentations to various levels of customer leadership. Compiles and presents reports to senior leaders.
Works with stakeholders to implement remediation plans in response to incidents.
Ensures that the IR team has necessary personnel, resources, and skills.
Develops artifacts supporting Information Assurance and Risk Management Framework (RMF) processes.
Basic Qualifications
Masters degree in Computer Science, MIS, or related technical field.
At least 10 years of experience be in the areas of incident detection and response, remediation, malware analysis, or computer forensics.
Typically requires Master's degree with 15 – 20 years of related experience.
Top Secret clearance with ability to obtain and maintain TS/SCI.
Strong problem-solving abilities using analytic and qualitative reasoning.
Ability to independently prioritize and complete multiple tasks with little to no supervision.
Ability to accurately capture and document technical remediation details, and ability to brief stakeholders on incident statuses.
Effective communication with customer leadership to disseminate timely updates of critical incidents with an emphasis on attention to detail and accurate reporting.
Experience organizing, directing, and managing operation support functions involving multiple, complex, and interrelated project tasks.
Advanced knowledge of the Incident Response Lifecycle and applicability to various types of incidents.
Ability to collaborate with technical staff and customers to identify, assess, and resolve complex security problems, issues, and risks to facilitate resolution and risk mitigation.
Experience creating processes, playbooks, and SOPs for tools and workflows. Relevant experience should be in the areas of incident detection and response, malware analysis, or computer forensics.
Ability to script in one more of the following computer languages Python, Bash, Visual Basic or PowerShell.
Experience running cyber incident investigations with emphasis on attention to detail and adherence to defined escalation paths.
At least one current DoD 8140 certification
Preferred Qualifications
Experience with virtualized environments (VMware, Red Hat).
Experience working with cloud computing and infrastructure security (AWS, Azure, etc.) to IL6
Experience as a member of agile programs
Experience in Federal Government, DOD or Law Enforcement in CND, CIRT or SOC role
Knowledge of the Cyber Kill Chain and the MITRE ATT&CK framework
Knowledge of Structured Analytic Techniques
Original Posting Date:
2024-11-27While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.
Pay Range:
Pay Range $131,300.00 - $237,350.00The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.
Tags: Agile APT AWS Azure Bash Clearance Cloud CND Computer Science Cyber Kill Chain DoD DoDD 8140 Forensics Incident response Log analysis Malware MITRE ATT&CK Monitoring NIST PowerShell Python Red Hat Risk management RMF SOC Top Secret Top Secret Clearance TS/SCI VMware
Perks/benefits: Equity / stock options
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.