Lead Incident Responder

At Leidos, we help our customers execute programs for the world’s most critical missions. We respond to challenges and deliver next generation of agile, cohesive solutions for today’s rapidly changing environment. Leidos is seeking a Security Operations Center (SOC) Lead / Lead Incident Responder to join the Federal Civil IT team’s within the Digital Modernization Sector. This position will be supporting the cybersecurity program of a federal agency within the Washington DC area.

The Security Operations Center (SOC) Lead / Lead Incident Responder is a key role and will serve as the Leidos primary interface to the Program Manager and Government lead on all matters pertaining to cybersecurity operations and incident response. The successful candidate will provide senior technical leadership and coordination to an enterprise Security Operations Center (SOC) working in a 24x7 operational environment. This position requires daily interaction with management, security personnel at customer sites, and government personnel with other federal agencies. Applicant must be a positive, flexible, self-starter requiring minimal direct supervision, and able to excel as a leader in the fast-paced cybersecurity industry. Exceptional management, communication and interpersonal skills are a necessity; including the ability to effectively communicate via written and verbal media. The SOC Lead is responsible for providing technical oversite and managing the scheduling of SOC activities and advancing the state of analysis with techniques and tools.

Basic Qualifications:

• US Citizenship
• Public Trust Clearance
• PMI-PMP or equivalent certification.
• Information Technology Infrastructure Library (ITIL) 4 Foundation Certification
• Certified Information Systems Security Professional (CISSP) certification
• One of the following certifications: Certified Incident Handler (GCIH), Certified Intrusion Analyst (GCIA), Certified Ethical Hacker (CEH), or similar certifications.
• Requires BS degree and 12 – 15 years of prior relevant experience 4+ years of experience working in a SOC environment
• 3+ years of Incident Response and Incident Management experience
• Managed 24x7x365 Security Operations Center while establishing operational rhythm and standards
• Establish and maintain a forward-leaning operational tempo that includes continual validation and improvement across all SOC functions
• Experience working with SIEM/SOAR technologies
• Knowledgeable with EDR technologies
• Experience reporting on SOC activities and deliver SOC recommendations in accordance with government and contractual requirements
• Develop processes, procedures, and SOPs for operational capabilities
• Knowledge of cyber threats and vulnerabilities as they relate to the cyber security area of expertise
• Knowledge of specific operational impacts of cyber security lapses as they relate to the cyber security area of expertise
• In-depth understanding of cyber security architectures, technical platforms, threat management standards and industry best practices
• Technical (hands-on) experience with Splunk, Malware Analysis, Security Monitoring, Cyber Security Compliance, Cyber Security Risk assessments, and technical procedure documentation

Preferred Qualifications:

• CISM, GSLC or CCISO Certifications
• 10 years successful enterprise experience in an IT or technology related field supporting federal government strongly preferred with the last 5 years supporting large government technical BPAs / contracts
• Knowledge and familiarity with the fundamental of agile project management
• Experience working in both Classified and Unclassified operations

Original Posting Date:

While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.

Pay Range:

The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.