Vacancy expired!
Description
Job Description: Leidos is seeking a Junior Cyber Network Defense Analyst to join our team on a highly visible cyber security single-award IDIQ vehicle that provides security operations center (SOC) support, cyber analysis, application development, and a 24x7x365 support staff.

The Monitoring and Analysis team provides 24x7 support across four different shifts: front half shifts (day and night) and back half shifts (day and night). The front half shift works 12-hour shifts from Sunday through Tuesday and alternating Wednesdays. The back half shift works 12-hour shifts from Thursday through Saturday and alternating Wednesdays. Candidates must have the ability to work non-core hours if necessary.

Primary Responsibilities
- Utilize a SIEM for enterprise monitoring and detection
- Create Security Event Notifications to document investigation findings
- Perform critical thinking and analysis to investigate cyber security alerts
- Analyze network traffic using enterprise tools (e.g. full PCAP, firewall logs, proxy logs, IDS logs)
- Collaborate with team members to analyze an alert or a threat
- Stay up to date with latest threats
- Monitor shared email box for notifications and requests
- Utilize OSINT to aid in investigations
- Contribute to content tuning requests
- Network Administration
- Unix/Linux Administration
- Software engineering
- Software development
- Systems administration
- Help desk/IT support
- Familiarity with a SOC's purpose and role within an organization
- General understanding of common network ports and protocols (e.g. TCP/UDP, HTTP, ICMP, DNS, SMTP, etc)
- Familiarity with network topologies and network security device functions (e.g. Firewall, IDS/IPS, Proxy, DNS, etc).
- Familiarity with packet analysis tools such as Wireshark
- Able to perform critical thinking and analysis to investigate cyber security alerts
- Familiarity with common malware and attack vectors
- Familiarity with Windows operating systems and standard OS logging
- Familiarity with Antivirus, DLP, and host based firewalls
- CompTIA: Security+, Network+, CASP
- SANS GIAC: GCIA, GCIH, GCFA, GPEN, GWAPT, GCFE, GREM, GXPN, GMON, or GISF
- EC-Council: CEH, CHFI, LPT, ECSA
- ISC2: CCFP, CCSP, CISSP
- CERT: CSIH
- Offensive Security: OSCP, OSCE, OSWP, and OSEE
- Familiar with SOC methodologies and processes
- Familiarity with scripting languages (e.g. Python, PowerShell, JavaScript, VBS)