Cyber Security SOC Engineer
Washington, DC 
Posted 12 days ago
Job Description:

Functions of this role include:

  • Active participant in 24x7 operations of the US Mint SOC

  • Collect global threat intelligence and internal threat data, then initiate actions based on analysis and recommendations
  • Proactively research and monitor security information to identify potential threats that may impact the organization
  • Understand the structure and meaning of logs from different log sources such as firewalls, IDS, Windows domain controllers, Cisco appliances, AV and antimalware software, email security, etc.
  • Act as main investigator for potential incidents identified by Tier 1 or Tier 2 analysts, as well as any high-visibility issues
  • Knowledgeable on multiple technology and system types
  • Define protocols and mature 'playbooks' of operational response to cyber threats
  • Work within the playbooks and help define new procedures/playbooks when necessary
  • Operate autonomously to further investigate and escalate in accordance with protocols and contractual SLAs
  • Participate and lead SOC working groups. Collaborate across organizational lines and develop depth in your desired cyber discipline and/or technologies
  • Track and update incidents and requests based on client's updates and analysis results
  • Provide teaching/mentoring to SOC Tier 1 and 2 Analysts

Basic Qualifications:

  • Must be US Citizen
  • Ability to obtain public trust clearance
  • 5+ years of experience with Security Information and Event Management (SIEM) tools, creating advanced correlation rules, SIEM administration, system hardening, and vulnerability assessments
  • Experience working with threat hunting, malware reverse engineering and/or digital forensics
  • Experience with tuning and building use cases for a SIEM and preferred experience with administration of SIEM tools
  • SOC Tier 3: 8+ years of experience within specific security disciplines (i.e., forensics, email security, monitoring and detection, mobility, etc.)
  • In-depth understanding of the cyber landscape and typical threat vectors
  • In-depth understanding of the operational requirements and impacts of working within a FISMA High system
  • Experience speaking to and working with executive leadership as well as ability to write reports and findings to executives
  • Expertise in TCP/IP network traffic and event log analysis

Desired Qualifications:

  • CEH, Security+, CISSP or relevant IT technology certification

Period of Performance:

The period of performance for this effort is upon award through 12/18/2021 with an option to extend through 6/18/2022.

Place of Performance:

Place of performance shall be remote.

Estimated Level of Effort:

It is anticipated that up to 40 hours per week will be required. Subcontractor is not permitted to work overtime beyond 40 hours a week without written and prior approval from the Leidos Program Manager.

Education & Experience: BS degree and 8 - 12 years of prior relevant experience

Job Summary

Start Date: As soon as possible
Employment Term and Type: Regular, Full Time
Required Education: Bachelor's Degree
Required Experience: 3 to 8 years