2024-04-25
AppCast (https://www.appcast.io)
Other
/yr
full-time
employee
Arlington
Virginia
22201
United States
Description
Are you a motivated cyber engineer with technical hands-on knowledge of mission focused systems? Are you an ethical hacker ready to apply your knowledge to National Security? Join us at the Leidos Innovations Center, Electronic Warfare Division, with a group of highly skilled and innovative individuals and a variety of exciting R&D programs.
As a Cyber Systems Engineer, you will be expected to "think like an adversary" and engage in threat hunting and tactical analysis of ongoing attacks to mission systems. You will perform data analysis, investigative analysis, research on existing and emerging cyber threats, and develop tools to assist the aforementioned tasks. You will be challenged to leverage your understanding of the tactics, techniques and procedures employed by advanced threats combined with intelligence from multiple sources. You will also be provided a tremendous opportunity for growth through training opportunities, conferences and collaboration with industry peers and adjacent parts of our business.
This role allows telework with the ability to perform work at the Leidos Arlington site as needed, approximately 20-50%.
Primary Responsibilities:
Participate in threat hunt operations using known adversary tactics, techniques, and procedures, as well as threat indicators, to detect advanced threats.
Leverage knowledge of cyber tactics, techniques, and procedures associated with advanced, highly dynamic threats to design and develop countermeasures to mitigate advanced threats.
Analyze network and host activity associated with both successful and unsuccessful intrusions by advanced threats.
Perform network traffic analysis of raw packet data, net flow, IDS, and custom sensor output.
Employ advanced forensic tools and techniques for attack detection, reconstruction, and intelligence gathering.
Document threats via threat intelligence reports.
Research emerging cyber threats. Apply analytical understanding of attack methodologies and tactics, system vulnerabilities, and key indicators of attacks and exploits.
Collaborate using information and knowledge sharing networks and professional relationships to achieve common goals.
Basic Qualifications:
BS Degree and 8+ years relevant experience in cyber security and/or network defense
Strong understanding of network stack/routing/interconnectivity.
Strong understanding of Linux/Unix-based operating systems.
Basic understanding of mobile operating systems, network stacks, and network app build procedures.
A deep understanding of advanced cyber threats targeting mission systems, along with the tools, tactics, and procedures used by those threats.
Experience performing intrusion analysis, digital forensics, and data correlation from multiple sources including PCAP and forensic artifacts.
Experience applying threat and data modeling, advanced data correlation, and statistical analysis to develop alerts, notable events, investigative dashboards, and metrics-driven reports.
Proficiency with Python and C++ and Linux/Unix shells.
Must have a Secret clearance and be able to obtain a TS/SCI.
Desired Qualifications:
Strong understanding of mobile operating systems, network stacks, mobile networks, and application build procedures, spanning both Android and iOS.
Previous experience as Threat Researcher and/or Intelligence Analyst.
Experience with dynamic malware analysis, and reverse engineering.
Experience in cryptography or cryptanalysis.
Understanding of behavioral based threat models, including ATT&CK, Cyber Kill Chain, Diamond Model, etc.
Ability to create, modify, and implement both Snort and YARA signatures.
Working knowledge of Computer Network Exploitation (CNE), Computer Network Attack (CNA), and Computer Network Defense (CND) tools and techniques.
Working knowledge of AI/Machine Learning
Relevant certifications such as CISSP, SANS GIAC, CEH, etc.
Capable and comfortable communicating actionable threat intelligence to both technical and program-level stakeholders.
Published research papers at conferences or through other mediums.
LInC
Electronic Warfare
While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.
The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.
