Leidos Information Assurance Engineer Staff (Cyber Services-SOC) in BOSTON, Massachusetts
The selected candidate will be executing Cyber services contracts across a variety of large commercial organizations. This individual should have a strong foundation in the roles and security functions of large organizations, specifically the Security Operations Center (SOC). The scope of this role includes the ability to evaluate large security enterprises and their SOC organizations, development of strategic roadmaps to drive growth and maturity, as well as knowledge on how to implement and drive a plan for transforming an organization to their desired end state. This candidate should have excellent communication skills, both written and oral, and the ability to interact with others from the executive level down to highly technical analysts in structured and unstructured situations.
Minimum of 5 years working in the Information Security industry
Minimum of 2 years working in a SOC environment and/or experience evaluating large corporate enterprise networks and cyber security organizations
Specialty in one or more of the following Information Security domains: Cyber Intelligence Analysis, Threat Monitoring, Incident Response, Malware Analysis, Computer Forensics, Cyber Architecture, Endpoint Protection, Network Security, Infrastructure Security, Application Security, Platform Security, Identity & Access Management, Policy & Governance, Education & Awareness, Penetration Testing, Vulnerability Scanning & Management, and Compliance & Risk Management
Experience working with SOC organizations in establishing roadmaps to improve their current capabilities, increasing effectiveness of analysis, and developing the functional/operational processes and procedures to support their mission
Experience with execution of assessments and evaluations of cyber security operations to include the development of strategic vision roadmaps, baseline or gap evaluations, and SOC Strategy and Concept of Operations reports
Knowledge of the cyber threat landscape to include Advanced Persistent Threats, Cyber Crime, Hacktivism; specifically, the tactics, techniques and procedures they apply to a cyber-threat attack.
Knowledge and understanding of attack method types and their usage in targeted attacks such as phishing, malware implantation, perimeter vulnerabilities, application vulnerabilities, lateral movement, etc. Experience developing content-rich final reports and associated deliverables with results of subject matter expert analysis and improvement recommendations
Experience presenting the results of applied analysis to client stakeholders to include senior or executive leadership
Knowledge of Large Fortune 500 organizations security programs and their related functions to include the SOC function, vulnerability assessment, penetration testing, security policy and procedure, security infrastructure management, network and host based defense, cyber security metrics, security engineering, etc.
Experience with cyber security processes, tools, and technologies and extensive knowledge of best practices regarding their implementation
Strong interpersonal, verbal, and written communication skills to successfully accomplish client-facing interactions
Position requires extensive (up to 50%) travel within the United States, with the potential for international travel
Bachelor’s degree from an accredited college in a related discipline, or equivalent experience/combined education, with 9 years of professional experience; or 7 years of professional experience with a related Master’s degree. Considered an emerging authority.
Prior experience working in SOC environments across a variety of verticals to include Aerospace & Defense, Energy, Oil and Gas, Financial, High-Tech, Chemical, Pharmaceutical & Healthcare, and/or related industries.
Prior experience leading an assessment or evaluation of a SOC or large security enterprise to include execution of the assessment, analysis of results, and formulation of a final report for dissemination to key stakeholders.
Prior experience working in a SOC analyst role with knowledge across Threat Monitoring, Incident Response, and Threat Intelligence.
Prior experience evaluating and assessing large Fortune 500 organizations from the standpoint of enterprise-wide cyber security projects, programs, and capabilities.
Prior experience working with the Kill Chain and similar frameworks and concepts.
Prior experience with Operational Technology (OT) environments to include cyber defenses across Process Control Networks (PCN), Integrated Controls Systems (ICS), and/or SCADA systems
Cyber security certifications such as CISSP, CEH, GCIA, GCIH, GCFE, and/or Security+
Knowledge of industry best practices and standards to include but not limited to the following; NIST 800-61 and ISO 27035.
Leidos is a global science and technology solutions leader working to solve the world’s toughest challenges in the defense, intelligence, homeland security, civil, and health markets. The company’s 33,000 employees support vital missions for government and commercial customers. Headquartered in Reston, Virginia, Leidos reported pro forma annual revenues of approximately $10 billion for the fiscal year ended January 1, 2016 after giving effect to the recently completed combination of Leidos with Lockheed Martin's Information Systems & Global Solutions business (IS&GS). For more information, visit www.Leidos.com. The company’s diverse employees support vital missions for government and commercial customers. Qualified women, minorities, individuals with disabilities and protected veterans are encouraged to apply. Leidos is an Equal Opportunity Employer.