Incident Response Cyber Security Engineer
Washington, DC

Job Description

Job Description:

Functions of this role include:

* Respond to cyber incidents, including responding to N-CIRT phone calls and emails, and preparing situational awareness reports for NOAA and/or DOC management.
* Act as main investigators for potential incidents identified by Tier 1 analysts.
* Investigate phishing and self-identified potential cyber threats (phishing emails sent to the CIRT).
* Knowledgeable on multiple technology and system types
* Defining protocols and maturing 'playbooks' of operational response to cyber threats
* Working within the playbooks as defined
* Operate autonomously to further investigate and escalate in accordance with protocols and contractual SLAs, including DOC and US-CERT in compliance with US-CERT incident reporting and guidelines.
* Lead/support on-site investigations, forensics, and provide mobile device support.
* Maintain chain of evidence in accordance with incident handling procedures and in compliance with NOAA and Commerce procedures.
* Participate regularly in IR working group sessions. Collaborate across organizational lines and develop depth in your desired cyber discipline and/or technologies.

BASIC Qualifications:

* Must be US Citizen. Must be able to obtain and maintain security clearance, specifically DoD/Top Secret Clearance or TS/SCI (Interim Secret acceptable).
* Must have 1/more of : CERT Certified Computer Security Incident Handler; Electronic Commerce Council Certified Ethical Hacker (ECC); GIAC Information Security Fundamentals (GISF); ISC2 CISSP 3+ years experience within cyber incident handling and/or cyber operations
* IR Analyst Level II Category: 3+ years experience within specific security disciplines (ie forensics, email security, monitoring + detection, mobility, etc.)
* IR Analyst Level III Category: 5+ years experience within specific security disciplines (ie incident response, vulnerability management, cyber intelligence, threat hunting)
* In depth understanding of cyber landscape and typical threat vectors
* In depth understanding of operational requirements and impacts of working within a FISMA High System.
* In depth understanding of cyber landscape and typical threat vectors
* Security or relevant IT technology certification (or as approved by Government to obtain within 6 months of start date)
* In depth understanding of operational requirements and impacts of working within a FISMA High System.
* Understanding of US-CERT incident reporting and guidelines.
* Strong interpersonal skills working directly with VIP end users in a highly visible and mission critical environment.
* Physically present (shifts) during Core Office Hours: 7am - 6pm with rotational on call support required for the program.

Education;

Typically requires Bachelors and 4-8 years of exp, will consider years exp. in lieu of degree.

Leidos is a Fortune 500® information technology, engineering, and science solutions and services leader working to solve the world's toughest challenges in the defense, intelligence, homeland security, civil, and health markets. The company's 32,000 employees support vital missions for government and commercial customers. Headquartered in Reston, Virginia, Leidos reported annual revenues of approximately $10.19 billion for the fiscal year ended December 28, 2018. For more information, visit www.Leidos.com .

Pay and benefits are fundamental to any career decision. That's why we craft compensation packages that reflect the importance of the work we do for our customers. Employment benefits include competitive compensation, Health and Wellness programs, Income Protection, Paid Leave and Retirement. More details are available here .

Leidos will never ask you to provide payment-related information at any part of the employment application process. And Leidos will communicate with you only through emails that are sent from a Leidos.com email address. If you receive an email purporting to be from Leidos that asks for payment-related information or any other personal information, please report the email to spam.leidos@leidos.com .

All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law. Leidos will also consider for employment qualified applicants with criminal histories consistent with relevant laws.