Endpoint Cybersecurity Analyst
The Leidos Cybersecurity Capabilities Organization has an immediate opening for a motivated Endpoint Cybersecurity Analyst to join the Endpoint Cybersecurity Operations team. This position can be supported from Orlando – FL or Reston - VA.
You will join a team of other endpoint cybersecurity analysts in providing day to day operational support across a range of Leidos managed enterprise endpoint security solutions. This role focuses on learning to support & maintain industry leading cyber security products while gaining experience defending a Fortune 500 organization. Working closely with the Endpoint Cybersecurity Engineering team, you will be expected to "think like an adversary" and provide analyst-centric input into every phase in the Cyber Defense development process from an endpoint security perspective. Additionally, you will provide written documentation in support of the Endpoint Cybersecurity Operations standard operating procedures (SOPs), and contribute to the technical innovation that will evolve Leidos' defensive capabilities and methodologies.
Primary Responsibilities Include:
Daily ticket queue management.
Operational support & maintenance for endpoint security solutions (e.g. Anti-Virus, Host Firewall, Forensics based tools, Privilege management, application whitelisting, EDR).
Rotational on-call responsibilities.
Technical control implementation & enforcement based on inputs received by the Leidos Cybersecurity Intelligence & Response Center (CSIRC), Endpoint Cybersecurity Engineering team, and other internal organizations, leaders, stakeholders where applicable.
Support change management tasking relative to the security policies associated with the endpoint security solutions that you support.
Work closely with your team lead\manager to ensure tasks are executed on time.
Ensure documentation relative to the supported endpoint security products, procedures, services, etc., are written and centrally accessible.
Create and monitor reporting for compliance.
Provide assistance in troubleshooting complex problems across the endpoint security solutions.
Provide inputs back to the Endpoint Cybersecurity Engineering team with the goal of identifying and remediating existing gaps in vendor solutions and platform technologies.
Collaborate using information and knowledge sharing networks and professional relationships to achieve common goals.
Take direction & guidance from the endpoint cybersecurity engineering team (and others) and perform other tasks as assigned.
Bachelor's degree in Computer Science, Computer Engineering, Information technology, or other Cyber Security field from an accredited university. Additional years of relevant experience may be considered in lieu of Bachelor's degree.
At least 2 years of prior relevant experience, including endpoint security experience.
Ability to write and verbally communicate information security and risk-related concepts effectively to both technical and non-technical audiences.
Strong problem-solving and analytical skills and demonstrate poise and ability to act calmly and competently in high-pressure, high-stress situations.
Fundamental understanding of accepted security practices, troubleshooting issues, attack vectors, and customer support.
Understanding of Operating Systems and Network Protocols.
Foundational understanding of advanced threat detection in an enterprise environment.
Foundational understanding of malware families, their types, and the threat they pose
US Citizenship is required and able to obtain security clearance.
Experience operating, troubleshooting, and maintaining endpoint security solutions (e.g. Anti-Virus, Host Firewall, Forensics based tools, Privilege management, application whitelisting, EDR, cloud based solutions).
Knowledgeable of forensic procedures and practices including imaging and memory analytics. Specifically the design, maintenance, and documentation of enterprise forensic capabilities. (Popular commercial products include: EnCase, FTK, and others)
Windows 10 security best practices and configurations.
Linux System Administration experience or experience with Linux OS hardening.
Proficiency with Microsoft Windows administrative & troubleshooting tools.
Demonstrated experience performing cybersecurity analysis from an operators point-of-view
Demonstrated knowledge of common information security management frameworks such as ISO/IEC 27001, ITIL, COBIT and NIST and an understanding of relevant legal and regulatory requirements such as Health Insurance Portability and Accountability Act (HIPAA) and Payment Card Industry/Data Security Standard.
Functional understanding of scripting languages (Batch, Powershell, Python, VBScript, etc.)
GIAC GCIA Certification or other cyber security certifications are a plus.
Experience with Splunk (preferred) or other SIEM platform.
Experience with Cloud-based information protection and cyber security.
Eligible to obtain a DoD Secret Security Clearance.
External Referral Bonus:
Potential for Telework:
Clearance Level Required:
Scheduled Weekly Hours:
Leidos is a Fortune 500® information technology, engineering, and science solutions and services leader working to solve the world's toughest challenges in the defense, intelligence, homeland security, civil, and health markets. The company's 33,000 employees support vital missions for government and commercial customers. Headquartered in Reston, Virginia, Leidos reported annual revenues of approximately $10.19 billion for the fiscal year ended December 28, 2018. For more information, visit www.Leidos.com.
Pay and benefits are fundamental to any career decision. That's why we craft compensation packages that reflect the importance of the work we do for our customers. Employment benefits include competitive compensation, Health and Wellness programs, Income Protection, Paid Leave and Retirement. More details are available here.
Leidos will never ask you to provide payment-related information at any part of the employment application process. And Leidos will communicate with you only through emails that are sent from a Leidos.com email address. If you receive an email purporting to be from Leidos that asks for payment-related information or any other personal information, please report the email to email@example.com.
All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law. Leidos will also consider for employment qualified applicants with criminal histories consistent with relevant laws.