DCO Analyst Support - Military veterans preferred

The Leidos Defense Group has openings for future roles Defensive Cyber Operations Analyst on the GSM-O II program supporting Joint Force Headquarters DODIN at Fort Meade, Maryland.

There are two different levels of positions. All require a Bachelor's degree in a related discipline additional OR related years of experience may be accepted in lieu of a degree.

• BA and 8+ years of experience
• BA and 12+ years of experience

Program Summary:

GSM-O II enables Current Operations Command, Control, and Defensive Cyber Operations (DCO) functions across all - Combatant Commands, Service Cyber Components, Agencies, and Field Activities’ (CC/S/A/FAs) Area of Operations (AOs) in addition to 24/7 coordination with USCYBERCOM and other partner agencies.

Primary Responsibilities:

• Identify problems, determine accuracy and relevance of a broad range of technical information. Use sound judgment to generate, evaluate, and execute alternative courses of action. Produce timely, effective, decision-quality technical recommendations to support DODIN senior leadership.
• Includes mentoring and reviewing work. Planning/scheduling to ensure milestones are completed in accordance with the program work statement.
• Serve as a lead for planning, coordination, implementation, validation, mitigation, and compliance of cyber security tasks. Execute continuous network monitoring and incident handling/problem resolution. Triage events, incidents, and assist with developing AO specific trends.
• Support various collaborative and cross functional forums (Intelligence, Current Operations, Future Operations, Logistics, Planning, Resourcing and Requirements) to achieve centrally coordinated, threat informed and prioritized vulnerability scoring and mitigation methodology.
• Provides master level support, analysis, and research into exceptionally complex problems, and processes. Serves as technical expert on executive-level project teams providing technical direction, interpretation, and alternatives.
• Leverage intelligence and operational data, information, and processes to identify threats, improve security, and reduce the enterprise’s exposure to vulnerabilities.
• Vast background and in-depth experience with various Cyber/SIEM tools to include, Xpanse, CMRS, Splunk, Threat Vault, Wireshark, etc. Possess the technical expertise to make recommendations on new technologies to enhance the DODIN’s overall security posture.
• Actively engage with a variety of customers and mission partners, anticipating their needs, and delivering flawlessly. This includes gathering data and metrics to draft/author Concept of Operations (CONOPS), Standard Operation Procedures (SOPs), and Tactics, Techniques, and Procedures (TTPs) relevant to the Cyber domain.

Required Qualifications:

• Must have an active TS/SCI Clearance and eligible for polygraph
• DoD-8570 IAT Level II baseline certification (Security+ CE or equivalent as a minimum)
• Knowledge of network and application protocols, cyber vulnerabilities and exploitation techniques and cyber threat/adversary methodologies (TTPs)
• Computer Network Defense (CND) experience (Protect, Detect, Respond and Sustain) within a Computer Incident Response organization. Requires a deep understanding and the ability to apply cyber security related principles, theories, and concepts.
• Leadership experience in a 24x7 environment. This includes mentoring, training, and reviewing the work performed by more junior personnel.
• Work independently and as part of a team to develop solutions to issues that are unclear and require deep technical knowledge.

Preferred Qualifications:

• Experience with JFHQ-DODIN, DISA, and DoD Networks.
• Motivated self-starter with exceptional written and verbal communication skills. Demonstrated experience briefing and advising Senior Executive Service (SES) and General Officer/Flag Officer (GO/FO) leadership regarding matters of strategic importance.
• Advanced Certifications such as SANS GIAC/GCIA/GCIH, CISSP or CASP.
• Demonstrated understanding of the life cycle of network threats, attacks, attack vectors and methods of exploitation with an understanding of intelligence driven defense and/or Cyber Kill Chain methodology.

GSMO