Team Lead Cyber Fusion and Threats Analyst

Leidos has a current job opportunity for a Team Lead of the Cyber Fusion and Threats Analyst (Fusion Team) serving the DISA GSMO II program supporting the DISA Joint Operations Center (DJOC) embedded with DISA Headquarters Fort Meade MD. The candidate will support the DISA GSMO II TN13 Defensive Cyber Operations (DCO) Branch. This position will provide leadership for defensive cyber operations activities and will be expected to actively engage with a variety of customers and mission partners anticipating their needs and delivering flawlessly.

DCO Cyber Fusion Analysts are principally engaged in collecting and analyzing intelligence to correlate adversary tactics techniques and procedures reviewing classified and unclassified investigating computer and information security incidents reports intrusion and threat hunting support maintaining proficiency in operation tools and identifying trends in adversary behaviors and vulnerabilities.

PRIMARY RESPONSIBILITIES:

• Serve as a people leader for personnel supporting the Cyber Fusion team by conducting:
  • Annual performance assessments to include periodic check ins
  • Approving or validating time charging for both Leidos and vendor personnel providing coaching and mentoring to personnel.
  • This includes training and reviewing the work performed by more junior personnel.
• Maintain situational awareness of cyber activity by reviewing DoD Intelligence Community and opensource reporting for new vulnerabilities malware or other threats that have the potential to impact the DoDIN.
• Guide Drive Task and prioritize the teams efforts as they align to the customer initiatives and projects to ensure mission success.
• Support missioncritical Continuity of Operations (COOP).
• Synthesize summarize consolidate and share potentially malicious activities on the DoDIN with DISA and mission partner organizations by creating incident reports wiki updates collaboration/chat tippers and notifications DoD incident handling database queries metrics and trend reports.
• Assist in providing threat and vulnerability analysis as well as security advisory services and recommendations.

BASIC QUALIFICATIONS:

• BA/BS or equivalent experience and 5 years or prior relevant experience or Masters with 3 years of prior relevant experience. Additional experience may be accepted in lieu of degree.
• Must have and maintain an active Top Secret/SCI clearance.
• Must have DoD8570 IAT Level 2 baseline certification (Security CE or higher) at start date and be able to obtain CSSPA certification within 180 days of start date.
• Prior Military Civilian or LE Intel Community (IC) Experience
• Proficient understanding of Cyber Network Defense (CND) in regards to protect detect respond and sustain within a Computer Incident Response organization.
• Excellent verbal and written communication skills including the ability to clearly articulate technical and strategic level cyber matters to a variety of audiences.
• Highly developed research and analytical skills to pinpoint statistically significant patterns related to cyber threats.
• Understanding of TCP/IP common networking ports and protocols traffic flow system administration OSI model defenseindepth.

PREFERRED QUALIFICATIONS:

• Hands on Experience working with DoD Networks including NIPR and SIPR
• Motivated initiative driven person with strong written and verbal communication skills replying to official communications via email or phone with the ability to report or speak to complex technical reports on analytical findings.
• Demonstrated understanding of the life cycle of cybersecurity threats attacks attack vectors and understanding of intrusion set tactics techniques and procedures (TTPs)
• Experience with Mil Cloud Commercial Cloud DISA and DoD Networks.
• Working knowledge of cyber operational security log analysis NetFlow analysis incident response malware analysis computer forensics and/or cybercrime.
• Advanced Certifications such as SANS GIAC/GCIA/GCIH CISSP or CASP.
• Demonstrated experience briefing Senior Executive Service (SES) and General Officer/Flag Officer (GO/FO) leadership.
• Working knowledge and proficiency utilizing Wireshark and Splunk analysis tools.
• Experience in intelligence driven defense and/or Cyber Chain (CKC) methodology; knowledge of Advanced Persistent Threat (APT) and other cyber threat modeling frame works.
• Working knowledge of the U.S. Intelligence Community and/or Fusion centers

Original Posting:

For U.S. Positions: While subject to change based on business needs Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.

Pay Range:

The Leidos pay range for this job level is a general guideline onlyand not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job education experience knowledge skills and abilities as well as internal equity alignment with market data applicable bargaining agreement (if any) or other law.