2025-08-05
Leidos
Other
/yr
full-time
part-time
employee
contract
Stuttgart
00000
Germany
Description
Leidos has an excellent opportunity for an experienced, self-directed, Cyber Security Analyst, located in Stuttgart, Germany.
PROGRAM SUMMARY:
This program provides critical Communications and Information Technology Services to support U.S. Africa Command, U.S. European Command, Combined Joint Task Force - Horn of Africa, Southern European Task Force, and associated staff elements and organizations. It provides our war fighters support in their mission to keep threats and vulnerabilities as low as possible by ensuring their computer network is stable, undisrupted and secure.
PRIMARY RESPONSIBILITIES:
Operates the security and compliance baseline configuration, inventory, and best practices for the vulnerability management solution (VMS) deployed across multiple unclassified and classified network locations supporting the implementation for Tenable products within Assured Compliance Assessment Solution (ACAS) including .SC (SecurityCenter™) and Nessus® scanners; also 2.0 Architecture Components: Nessus Networking Monitor (NNM), Nessus Manager and Nessus Agents use cases.
Conducts assessments of threats and vulnerabilities; determines deviations from acceptable configurations, enterprise or local policy.
Assess the level of risk, develop or recommend meaningful insights about the context of an organization threat environment to improve its risk management posture; measure effectiveness of systems/networks/endpoints that deviate from acceptable configurations, enclave or local policy.
Work in concert with other Tenable operators, integrator and IA personnel responsible for operating and maintaining the ACAS program in multiple enclaves.
Candidate will coordinate system activities such as deploying, configuring, monitoring, tuning, upgrading, and troubleshooting Tenable components spanning local, remote and complex environments.
Record configurations, conduct assessments and submit suggestions to scan schedule(s), scanners scan zones, and repository management.
Responsible for acquiring, configuring and ensuring external deliverables: DISA/Continuous Monitoring and Risk Scoring (CMRS), importing vulnerability and security audit plug-ins, DoD Patch Repository Defense Asset Distribution System (DADS), build/maintain vulnerability and audit repositories.
Continuously assesses current ACAS implementations for scans, assets, analysis and permissions.
Assist with validation and sustainment of documentation such as Network Address Declaration (NAD), security groups/roles/permissions and/or zones/credentials/scans.
Document steps required to design/engineer ACAS systems for each network through ISSB (Information Systems Security Baseline).
Create network diagrams of the designs with Microsoft Visio (include specialty requirements).
Responsible to assist/troubleshoot schedule scans cover 100% of intended targets ensuring timely and accurate scanning and reporting per PMO, IA and DoD policies and orders.
Maintain the Nessus scanners connectivity with the associated Tenable.sc (formerly SecurityCenter).
Provide cybersecurity staff scanning capability and system administration continuity.
Maintain effective communications with other external and internal ACAS operations stakeholders.
Create/maintain/implement custom security policies in line with DISA ACAS best practice guidance.
Ensure external networks receive cybersecurity inventory reporting for compliance data via ACAS to DISA CMRS.
Participate in all phases of the Vulnerability Management (VM) life cycle with emphasis on the scan, patch, rescan, mitigation factors and reporting phases.
Assist in the installation/maintenance of ACAS capabilities on the backend of the ACAS system using Linux.
Review security threats and determines/implements effective countermeasures IAW established policies/regulations/directives.
Analyze network or system changes/reconfigurations for security impacts (performs risk analysis/assessment).
Monitor implemented security controls related to ACAS and report status.
Compile information and support required cyber evaluations, inspections, assessments, and reporting tasks.
Reviews security threats and determines/implements effective countermeasures IAW established policies/regulations/directives.
Compile ACAS/Vulnerability Assessment information and support required cyber evaluations, inspections, assessments, and reporting tasks.
Work in dynamic fast paced environments that require team interaction and coordination of efforts.
Interface with both client managers and system users.
Operate tools and systems that are required to support the Command's cybersecurity program.
Assist in the enhancement of AFRICOM's Cyber Threat Capability.
Provide focused operations/threat analysis on known intrusion sets.
BASIC QUALIFICATIONS:
BA/BS + 3 years recent relevant specialized or AA/AS +5 years recent relevant specialized or a major cert +7 years recent relevant specialized or years of recent specialized experience.
DOD 8140 IAT III compliance.
Must have experience setting up and executing Tenable Nessus scans, review scan data, assess reports and trends through SC interface, and determine whether a completed scan provide valid results.
Working knowledge of supporting Operating Systems: Red Hat Enterprise Linux, Windows Server 2016/2019/2022, and Windows 11.
In-depth experience with DoD IT security requirements.
TESA eligibility.
Currently hold an adjudicated Top Secret/SCI Clearance.
PREFERRED QUALIFICATIONS:
ITIL v3 – Foundation.
Experience with Red Hat Enterprise Linux, Windows, CyberArk, and Elastic.
Automation using Microsoft PowerShell, VBScript, or batch files.
Adaptable to changing circumstances and operational needs.
Understanding of Department of Defense Military standards.
Come break things (in a good way). Then build them smarter.
We're the tech company everyone calls when things get weird. We don’t wear capes (they’re a safety hazard), but we do solve high-stakes problems with code, caffeine, and a healthy disregard for “how it’s always been done.”
For U.S. Positions: While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.
The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.
