The Leidos DES (Defense Enclave Services) team is supporting an extensive digital modernization program critical to DISA and Fourth Estate Agencies and currently has an opening for a SOC Analyst located at Ft. Meade, MD.
The Defense Enclave Services contract will unify the DOD Fourth Estate Defense Agencies and Field Activities’ common use information technology systems, personnel, functions and program elements under the direction of DISA’s Fourth Estate Network Optimization program office.
•Must hold an active TS/SCI security clearance. (US Citizenship required)
•Provide SOC and Incident Response support, which is 24x7x365 coordination, execution, and implementation of all actions required for the containment, eradication, and recovery measures for events and incidents.
•Monitor and reply to events and alerts from the SIEM, monitoring tools, and other network tools.
•Investigate events of interest and escalate to senior NOC / SOC members.
•Work closely with both on-site and remote users to coordinate site visits and upgrades, provide on-site and remote resolution for trouble calls, and provide TIER 1/2 support of production systems.
•Drive incidents from discovery to closure and reporting, with comprehension of escalation procedures and criteria.
•Categorize incidents & events, and partner with appropriate authorities in the production of security incident reports.
•Coordinate with other DISA organizations, activities, and other services as appropriate to de-conflict blue / red team activity with open incidents/events.
•Build timelines, documents, briefings, and other products as required to inform stakeholders of incident response actions, analysis, and the impact of both adversary activity and blue force response actions.
•While not in a period of incident response, you will conduct continuous exercises and dry runs to improve response outcomes in the event of a cyber-incident.
•Provide cybersecurity root-cause analysis in support of any tickets for which it fails to meet the Acceptable Quality Levels (AQLs). This root-cause analysis will include documenting recommendations for corrective action.
•Systems administration of desktop and server systems linked to local and wide area networks.
•Investigate compromised endpoints, identifying IOCs within the environment and conveying to users and other teams impact of discovered events.
•Support Day Shift/Core hours.
•Bachelor’s degree and 4+ years of relevant experience; additional years of experience may be substituted in lieu of a degree.
•Must have an active DoD IAT Level II certification, prior to start (Sec+).
•Systems administration experience - desktop and server systems connected to local and wide area networks.
•Troubleshooting skills and knowledge of a troubleshooting methodology.
•Incident Response Experience.
•Knowledge Management skills to follow and create documentation.
•Certifications such as CySA, CEH, GCIA, or GCIH.
•Experience with enterprise antivirus solutions.
•Experience with vulnerability scanners.
•Incident Response Certification.
•KQL/Office 365 Incident response experience.
External Referral Eligible
Pay Range $78,https://000.00 - $120,https://000.00 - $162,https://000.00
The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.