Tier II Security Analyst
Department of Homeland Security (DHS), Federal Emergency Management Agency (FEMA) Security Operations is responsible to prevent, identify, contain and eradicate cyber threats to FEMA networks through monitoring, intrusion detection and protective security services to FEMA information systems including local area networks/wide area networks (LAN/WAN), commercial Internet connection, public facing websites, wireless, mobile/cellular, cloud, security devices, servers and workstations. The FEMA Security Operations is responsible for the overall security of FEMA Enterprise-wide information systems, and collects, investigates and reports any suspected and confirmed security violations.
The DHS FEMA Program has a critical need for a Tier II Cyber Security Analyst. This is a full-time position based in Bluemont, VA (Mount Weather). This position does not have Telecommuting Options and is 24x7 support (shifts).
The ideal candidate will have a basic understanding of cyber threats, information security, security monitoring, threat detection, incident response, and incident handling (NIST SP 800-61). The candidate should be familiar with conducting security monitoring in a SIEM such as Splunk or other like-tools. The candidate must be familiar with TCP/IP ports and protocols, IDS/IPS systems, and basic incident handling and response concepts. Tier 2 Analyst should have expertise in at least one of the following specialized areas:
- Email security
- Digital media forensic
- Monitoring and detection
- Incident Response
- Vulnerability assessment and pen test
- Cyber intelligence analysis
EDUCATION & EXPERIENCE:
Requires Bachelors’ degree in Computer Science, Engineering, Information Technology, Cyber Security, or related field and minimum of 4 years of professional experience in incident detection and response, malware analysis, or cyber forensics. Additional years of experience and Cyber Certifications may be considered in lieu of a degree.
Minimum of a current Top Secret Clearance with the ability to obtain TS/SCI. In addition to specific security clearance requirements all Department of Homeland Security employees are required to obtain an Entry on Duty (EOD) clearance to support this program.
Must have at least one of the following certifications: SANS GIAC: GCED, GCIA, GCFA, GPEN, GWAPT, GCFE, GREM, GXPN, GMON or GCIH ISC2 CCFP, CCSP, CISSP CERT CSIH EC Council: CHFI, LPT, ECSA, Offensive Security: OSCP, OSCE, OSWP and OSEE EnCase: EnCE Dod 8570: IAT L3, CNDSP Analyst or IR Carnegie Mellon: CCSIH"
Extensive experience analyzing and synthesizing information with other relevant data sources, providing guidance and mentorship to others in cyber threat analysis and operations, evaluating, interpreting, and integrating all sources of information, and fusing computer network attack analyses with counterintelligence and law enforcement investigations.
Experience in cyber government, and/or federal law enforcement.
Experience with Cyber Kill Chain.
The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.