Description: Leidos' Digital Modernization sector is eager to bring on dedicated SOC Analysts to support our mission. We are looking for candidates who possess a minimum Top Secret clearance and can obtain TS/SCI, with at least 1 year of experience in incident handling and response, as well as experience in a Security Operations Center (SOC). If you are ready to work on-site during the evening shift (2pm-10pm) with available schedules from Sunday-Thursday or Tuesday-Saturday, we want to hear from you.
Primary Responsibilities:
- Analyze alerts from various sources, including endpoints, IDS/IPS, netflow, and custom sensors, to identify potential compromises on customer networks/endpoints.
- Conduct detailed reviews of log files, pivot between different data sets, and correlate evidence for incident investigations.
- Assist in escalating alerts to senior-level SOC personnel while identifying malicious activities on networks.
- Maintain thorough documentation of findings and actions taken in our case management system.
- Collaborate with senior SOC members to create and distribute incident reports to customers and higher management.
Required Clearance and Certifications:
- Active DoD Top Secret security clearance and ability to obtain TS/SCI.
- DoD 8570 IAT II certification (CompTIA Security+ CE, ISC2 SSCP, SANS GSEC, etc.) required prior to starting.
- Ability to obtain DoD 8570 CSSP-Analyst certification (CEH, CySA+, GCIA, etc.) within 6 months of starting.
Required Qualifications:
- Bachelor's degree with 3+ years of relevant experience or equivalent military service and work experience.
- Minimum of 1 year of experience in incident handling and response.
- At least 1 year of experience working in a SOC environment.
- Experience in Computer Network Defense (Protect, Detect, Respond, and Sustain).
- Understanding of network threats, attacks, and exploitation methods, including attack vectors and intrusion set tactics.
- Solid knowledge of TCP/IP, networking ports and protocols, traffic flow, OSI model, and security practices.
- Strong written and verbal communication skills with the ability to produce technical reports.
- Commitment to continuous learning and maintaining technical proficiency in cybersecurity.
- Excellent analytical and troubleshooting capabilities.
- Willingness to work evening shifts, including weekends.
Preferred Qualifications:
- Experience analyzing large volumes of logs and network data (e.g., Netflow, Full Packet Capture).
- Familiarity with enterprise SIEM platforms (e.g., ArcSight, Splunk, QRadar).
- Knowledge of Anti-Virus, HIPS/HBSS, IDS/IPS technologies.
- Understanding of malware analysis principles.
- Unix/Linux command line proficiency.
- Scripting or programming capabilities.
- Familiarity with Intelligence Driven Defense and the MITRE ATT&CK framework.
About our Program: Our team provides crucial IT products, services, and solutions to the Pentagon and other National Capital Region DoD offices through the J6 Penetration Handling, Incident and System Health support services under the GSM-O contract. We perform critical cyber defensive actions, ensuring that networks remain secure from adversarial attacks.
About Leidos: Leidos is committed to making the world safer and more efficient through innovative technology and engineering solutions. We foster a collaborative culture that promotes your career growth while ensuring work-life balance. Our values emphasize integrity and respect, creating an inclusive environment where all employees thrive.
Join Leidos for competitive salaries, comprehensive healthcare benefits, wellness programs, and a robust 401k plan. We also support professional development and education.