The Leidos Defense IT group has an opening for a highly motivated Cyber Network Defense Engineer at MacDill AFB, FL supporting the Global Solutions Management-Operations II (GSM-O II), Joint Communications Support Element (JCSE). The JCSE team provides en-route, early entry, scalable C4 support to Regional Combatant Commands, Special Operations Command, and other agencies. In this role, you will be responsible for ensuring that system security meets all DoD/JCSE requirements and design, facilitating system assessments and documentation, and providing hands-on security engineering support.

Key elements of this position include:
Utilize provided tools to perform intrusion detection on JCSE supported systems.
Perform Sys Admin functions on various cybersecurity systems.
Ensure appropriate logging, reporting and response to all detected and reported incidents occurs according to RMF and DoD guidelines and regulations.

Responsibilities include:
Provide system administrator (e.g. Linux, Windows, Firewalls, Intrusion Prevention/Detection Systems, End Point Security) support installing, operating, maintaining, troubleshooting, administering, and cybersecurity hardening of operating systems on both the classified and unclassified systems.
Implement / utilize formal network security monitoring policies and procedures that include the appropriate use of DoD-approved IDPS tools.
Perform Detection (Monitoring and Analysis) activities on the JCSE using Intrusion Detection System/Intrusion Prevention System (IDS/IPS) sensors.
Follow documented procedures for characterizing anomalous events detected by sensors and other network monitoring systems to monitor, respond, document and escalate incidents.
Review and analyze logs in a timely manner to detect intruders.
Coordinate with the Government to use findings to inform, expand, or focus monitoring efforts.
Search for distributed, long-term, coordinated, low-visibility network-based attacks to identify possible unauthorized activity utilizing exploratory problem-solving or self-learning techniques. Suspicious/significant activity will be shared among the CND/IA community.
Report potential incidents and correlated information from these incidents/events that occur on sensors using documented procedures in accordance with DoD guidance.
Review all reported incidents, verify that all pertinent information is recorded and confirmed, and ensure closure occurs only after all remediation and reporting activities have occurred in accordance with RMF and Federal/DoD regulations.
Job Type
Full-time
Career Level
Mid Level