Description
Join Leidos as a Senior Cybersecurity Engineer specializing in data integration, content development, and system architecture. This role is pivotal in leading a talented team to develop, manage, and optimize scalable search and analytics solutions utilizing the Elastic Stack (Elasticsearch, Logstash, Kibana) for the DISA GSM-O II program.
A successful candidate will possess substantial experience in cyber analysis, incident response, SIEM operations, content development, visualizations, and reporting. This role demands technical expertise with Elastic, a deep understanding of SIEM architecture, and hands-on experience with cybersecurity data, incident handling, and monitoring in secure environments.
Position Overview: The Senior Cybersecurity / Elastic Detection Engineer will spearhead the development of SIEM/SOAR capabilities, supporting our team's Cyber Security Service Provider (CSSP) services. Responsibilities include creating, testing, implementing, and executing standard operating procedures for front-end operations within Elastic, alongside developing reports, dashboards, analytic rules, filters, and performance metrics.
Key Responsibilities:
- Monitor and optimize content performance within Elastic Stack clusters to maintain high availability, reliability, and performance for CSSP services.
- Create and maintain comprehensive documentation for all content, processes, and procedures.
- Design, develop, and maintain custom dashboards in Elastic for monitoring and visualizing metrics, logs, and traces.
- Collaborate with the threat emulation and analytic development team to enhance detection opportunities aligned with the MITRE ATT&CK framework.
Basic Qualifications:
- Active DoD Secret security clearance with the ability to obtain TS/SCI.
- Strong critical thinking abilities, self-motivation for independent work, and effective communication skills.
- Extensive knowledge of the Elastic Stack's architecture, engineering, and operations.
- Commitment to continuous training, self-study, and proficiency in technical cybersecurity.
- Bachelor's degree and 8+ years of relevant experience; additional work experience or cybersecurity courses/certifications may substitute for a degree.
- DoD 8570 CSSP-A level Certification (e.g., CEH, CySA+, GCIA) required within 180 days of hire.
- DoD 8570 IAT level II or higher certification (e.g., CompTIA Security+ CE, ISC2 SSCP, SANS GSEC) is mandatory prior to starting.
Preferred Qualifications:
- Experience in CND (Protect, Detect, Respond, and Sustain) within a Computer Incident Response organization.
- Advanced certifications or formal training in Elastic or other SIEMs preferred.
- Strong knowledge of SIEM systems, data pipelines, and threat detection methodologies.
- Understanding of the lifecycle of network threats, attacks, and exploitation methods, including intrusion set tactics.
- Advanced knowledge of TCP/IP, networking protocols, traffic flow, system administration, and common security elements.
- Ability to develop, test, and deploy high-fidelity security analytics and detection rules; proficiency in scripting languages like Python is desirable.
- Familiarity with version control systems like GitLab and collaboration platforms (e.g., Microsoft Teams, Slack).
- Experience with Intelligence-Driven Defense and Cyber Kill Chain methodology.
- Exceptional analytical skills with a strong ability to identify and address security gaps.
- Ability to analyze and enhance existing processes for improved efficiency.
- Existing 8570 CSSP Analyst Certifications (e.g., CEH, CySA+) and other vendor-specific certifications.
Why Leidos?
- Company-paid relocation to Hawaii.
- Competitive compensation plans including health and wellness programs, flexible leave, and immediately-vested 401k.
- Robust professional development programs within the defensive cyber space, offering upskilling opportunities and mentorship.
Original Posting Date: 2025-02-24
While subject to change based on business needs, we anticipate this job requisition will remain open for at least 3 days following the posting date.
Pay Range: $104,650.00 - $189,175.00
The pay range for this position is a guideline and not a guarantee of compensation. Factors considered in extending an offer include responsibilities, education, experience, skills, and abilities.