SOC Technical Lead

POSITION SUMMARY:

Through the J6 Penetration Handling Incident System Health (PHISH) support services task order on the GSM-O contract we provide IT products services and solutions to the Pentagon and other DoD offices and agencies for them to meet mission and business requirements. Our Cybersecurity team performs cyber defensive actions in support of J6 to prevent detect respond and recover from adversarial activities.

This position provides technical leadership to the J6 Security Operations Center (SOC) lead and staff. Beyond advising and guiding technical matters this position is tasked with driving implementation and adoption of new tools capabilities frameworks and methodologies while ensuring those already in use are implemented and utilized properly.

PRIMARY RESPONSIBILITIES:

Serve as a people leader for personnel supporting the Transport and End Point Services watch desk:

• Conduct annual performance assessments to include periodic check ins.
• Validate/approve time charging for both Leidos and vendor personnel.
• Provide coaching/mentoring to personnel.
• Develop and Execute Continual Service Improvement technical strategies to modify and enhance operational processes and impact strategic project/program goals and business results.

Provide an in-depth knowledge and understanding of:

• Provide technical leadership to JSP DCO Security Operations Center
• Drive implementation and adoption of new tools capabilities frameworks and methodologies across all teams within the SOC
• Provide technical guidance and support to SOC lead
• Work with Security Infrastructure team to address issues with SOC tools and data feeds
• Identify and offer solutions to gaps in capabilities and visibility
• Promote and drive implementation of automation and process efficiencies

BASIC QUALIFICATIONS:

• Active Top Secret security clearance is required and Top Secret Sensitive Compartmented Information (TS/SCI) Eligible (DIA Adjudicated or capable of reciprocal acceptance by DIA)
• Bachelors degree and 12 years of prior IT experience. Additional work experience or Cyber courses/certifications may be substituted in lieu of degree.
• 5 years of intrusion detection and/or incident handling experience.
• DoD 8570 IAT III and CSSP Infrastructure Support certifications required prior to starting
• Prior experience supervising employees of various labor categories and skills in efforts similar in size and scope.
• Advanced knowledge of solution development techniques and best practices related to demonstration pilot and test management and operations.
• Demonstrated advanced knowledge of industry accepted standards.
• Demonstrate experience with researching and fielding new and innovative technology;
• Demonstrate advanced experience in configuring cybersecurity tools to feed events alerts and logs to SIEM technologies.
• Motivated self-starter with strong written and verbal communication skills and the ability to create complex technical reports on analytic finding.
• Strong analytical and troubleshooting skills.

PREFERRED QUALIFICATIONS:

• Deep technical understanding of core current cybersecurity technologies as well as emerging capabilities.
• Experience implementing automation to reduce mundane tasks and expedite processes.
• Hands-on cybersecurity experience (Protect Detect Respond and Sustain) within a Computer Incident Response organization.
• Demonstrated understanding of the life cycle of cybersecurity threats attacks attack vectors and methods of exploitation with an understanding of intrusion set tactics techniques and procedures (TTPs).
• Motivated self-starter with strong written and verbal communication skills and the ability to create complex technical reports on analytic findings.
• Familiarity or experience in Intelligence Driven Defense Cyber Kill Chain methodology and/or MITRE ATT&CK framework.

Original Posting:

For U.S. Positions: While subject to change based on business needs Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.

Pay Range:

The Leidos pay range for this job level is a general guideline onlyand not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job education experience knowledge skills and abilities as well as internal equity alignment with market data applicable bargaining agreement (if any) or other law.