2024-09-20
Leidos
Other
/yr
full-time
part-time
employee
contract
Arlington
Virginia
22201
United States
Description
Are you a motivated cyber engineer with technical hands-on knowledge of mission focused systems? Are you an ethical hacker ready to apply your knowledge to National Security? Join us at the Leidos Innovations Center, Electronic Warfare Division, with a group of highly skilled and innovative individuals and a variety of exciting R&D programs.
As a Senior Cyber Systems Engineer, your will be expected to "think like an adversary" and engage in threat hunting and tactical analysis of ongoing attacks to the mission systems.
You will be leading a team of engineers to perform data analysis, investigative analysis, research on existing and emerging cyber threats, and develop tools to assist the aforementioned tasks. You will be challenged to leverage your understanding of the tactics, techniques and procedures employed by advanced threats combined with intelligence from multiple sources.
You will also be working with Capture Managers to develop proposals, participate in marketing activities, conferences and collaboration with industry peers and adjacent parts of our business.
This role allows telework with the ability to perform work at the Leidos Arlington site as needed.
Primary Responsibilities:
• Lead small R&D projects as PI/ChEng.
• Contribute to technical volume of cyber-related proposals.
• Analyze network and host activity associated with both successful and unsuccessful intrusions by advanced attackers.
• Perform network traffic analysis utilizing raw packet data, net flow, IDS, and custom sensor output.
• Leverage understanding of tactics, techniques and procedures associated with advanced threats to create and add custom signatures that mitigate highly dynamic threats to the system.
• Employ advanced forensic tools and techniques for attack reconstruction and intelligence gathering.
• Proactively research emerging cyber threats. Apply analytical understanding of attacker methodologies and tactics, system vulnerabilities, and key indicators of attacks and exploits.
• Contribute to threat intelligence reports and briefings that provide situational awareness of cyber threats impacting the company's global network infrastructure, to every level of the organization.
• Participate in threat hunt operations using known adversary tactics, techniques and procedures, as well as indicators of attack, in order to detect advanced threats to the enterprise.
• Collaborate using information and knowledge sharing networks and professional relationships to achieve common goals.
Basic Qualifications:
• BS Degree and 15+ years relevant experience in cyber security or network defense
• Strong leadership skills for taking a team of engineers from multi-disciplinary domains and successfully completing R&D projects.
• Strong technical execution experience as PI/ChEng, which includes technical planning and labor estimation.
• Strong understanding of Linux-based operating systems, and network stack/routing/interconnectivity.
• A deep understanding of advanced cyber threats targeting mission systems, along with the tools, tactics, and procedures used by those threats.
• Experience performing intrusion analysis, digital forensics, and correlation of log data from multiple sources including PCAP and forensic artifacts.
• Experience applying threat and data modeling, advanced data correlation, and statistical analysis to develop alerts, notable events, investigative dashboards, and metrics driven reports.
• Working knowledge with AI/ML
• Working knowledge with Python and C++, and the Linux/Unix command line.
• Must be eligible to obtain a Secret security clearance.
Preferred Qualifications:
• Understanding of behavioral based threat models, including ATT&CK, Cyber Kill Chain, Diamond Model, etc.
• Strong understanding of Mobile Operating Systems and Mobile Networks.
• Previous experience as Threat Researcher and/or Intelligence Analyst.
• Experience with dynamic malware analysis, and reverse engineering.
• Experience in cryptography or cryptanalysis
• Ability to create, modify, and implement both Snort and YARA signatures.
• Working knowledge of Computer Network Exploitation (CNE), Computer Network Attack (CNA) and Computer Network Defense (CND) tools and techniques.
• Relevant certifications such as CISSP, SANS GIAC, CEH, etc.
• Capable and comfortable communicating actionable threat intelligence to both technical and executive-level stakeholders.
• Published research papers at conferences or through other mediums (blogs, articles).
LInC
Electronic Warfare
While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.
The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.