Mid-Level Defensive Cyber Software Developer

Leidos•Huntsville, AL

1d•Onsite

About The Position

Leidos has a new and exciting opportunity for a Mid-Level Defensive Cyber Software Developer in our National Security Sector's (NSS) Cyber & Analytics Business Area (CABA). Our talented team is at the forefront in Security Engineering, Computer Network Operations (CNO), Mission Software, Analytical Methods and Modeling, Signals Intelligence (SIGINT), and Cryptographic Key Management. The Mid-Level Defensive Cyber Software Developer will work with a diverse, highly skilled team to develop unique solutions for Cyber, EW, and PNT threats against US weapon systems. Our products are responsible for alerting our varied array of customers of potential cyber and EW attacks by creative Adversaries highly skilled at attacking. With that problem set in mind, our solutions need to be developed by equally creative minds that enjoy digging, researching, programming, questioning, and generally learning all they can to anticipate in every way possible. Since there are such broad attack vectors, our approach to developing detection measures and mitigations needs to have an equally broad scope. This position will grow and shift depending on skillsets gained as well as needs identified, as all the positions in our department do. Initially, we are seeking someone with skills in both Cyber (vulnerability research to detection engineering) and Programming (scripting to application development). This is a full-time on-site position with the Leidos Cyber Electromagnetic Activity (CEMA) team that is based in Huntsville, Alabama, and will require the candidate to be able to obtain and maintain a TS/SCI Clearance.

Requirements

Bachelor’s Degree in computer science, computer engineering, cybersecurity, or similar degree with 4-8 years of experience.
Minimum 4+ years of professional development in various programming languages with the ability to show ability either through GitHub, print outs, or even provided media).
Intermediate Python and Bash
Minimum 4+ years of professional cyber focused experience, or 6+ years of personal cyber focused experience such as capture the flag (CTF) events, extensive home hardening, conferences, sharable projects, or other similar endeavors.
A good understanding of networking – protocols at all layers of the networking stack and network architecture accompanied with various tooling needed for network analysis such as Wireshark.
Working knowledge of Linux on CLI (scripting, daemons, resource monitoring, networking, which ever editor you wish to argue is best, etc.).
Must be a US CITIZEN and be able to obtain and maintain a TS/SCI Clearance

Nice To Haves

Hands-on experience within a security operations center (SOC) with at least one SIEM under your belt as well as an experience with threat hunting that can be properly relayed during the interview.
Experience with C/C++, Web Development, Agile process, and all the normal programming buzz words you might want to tell us about.
Experience with Network Security Monitoring (NSM)
Experience with writing custom detection rules in Suricata, Snort, Yara, Sigma, and/or similar formats
Certifications such as Network+, Security+, CySA+, Linux+, PenTest+

Responsibilities

Developing software and/or techniques in the protection of data, networks and host-centric capabilities, as well as detection of, identification of and response to attacks.
Research and development of signature-based and behavior-based defensive techniques against adversarial attacks on tactical networks.
Developing technical solutions that require collaboration with internal and external experts as well as; deep analyses and understanding of impact on end-product/solution.