Help Desk Tier 2/ Help Desk Tier 3

Leidos•Orlando, FL

1d•Onsite

About The Position

Join #TeamLeidos as a Help Desk Tier 2 / Tier 3 member Location: Orlando, FL (no telework) and must be willing and able to work onsite. Security Clearance: active and current Secret with ability to obtain and maintain TS/SCI. This posting is for an opportunity ranging in years of experience. Level of opportunity, including compensation, will be matched to a candidate’s experience. The Decision Advantage Business Area at Leidos has multiple openings for Tier 2 / Tier 3 Help Desk Network and Security Operations personnel to work in our Orlando, FL office. Our team supports the Department of the Air Force (DAF) Battle Network and supporting infrastructure. These personnel will be involved in day-to-day activities and strategic long-term maturation of complex systems. Details are as follows: Works under moderate supervision for routine tasks. Review day-to-day planned activities and shift tie in to understand system status and ongoing efforts. Attend daily briefings/meetings to discuss threats, updates, and operational goals. Verify operational status of security tools Ensure logs and alerts are being ingested properly into monitoring platforms Analyze escalated incidents from Tier 1 Prioritize incidents based on severity and potential impact Has substantial understanding of job requirements and overall function Document all actions taken during shift and prepare detailed artifacts to support stakeholders Update policies and procedures based on lessons learned Primary Responsibilities Incident Analysis and Response - Perform in-depth analysis of security incidents escalated from Tier 1, Investigate and respond to complex network and security threats, including malware, phishing, and intrusion attempts. Conduct root cause analysis to identify vulnerabilities and recommend mitigation strategies. Threat Hunting - Proactively search for indicators of compromise (IoCs) and advanced persistent threats (APTs) within the network. Utilize threat intelligence feeds and tools to identify emerging threats and assess their impact on the organization. Network Monitoring - Monitor network traffic and system logs for anomalies and suspicious activities. Use advanced tools such as SIEM (Security Information and Event Management) platforms to correlate events and detect patterns. Escalation Management - Act as the escalation point for unresolved issues from Tier 1. Escalate critical incidents to Tier 3 or management when necessary, providing detailed documentation and analysis. Vulnerability Management - Conduct vulnerability assessments and scans using tools like Nessus, Qualys, or OpenVAS. Collaborate with IT teams to remediate identified vulnerabilities and ensure compliance with security policies. Incident Documentation - Maintain detailed records of incidents, including timelines, actions taken, and resolution outcomes. Prepare post-incident reports and lessons learned documentation.

Requirements

Bachelors Degree in Computer Science, Information Technology, Cybersecurity, Network Engineering or equivalent with 2 – 4 years of prior relevant experience or Masters with less than 2 years of prior relevant experience.
Active and current Secret with ability to obtain and maintain TS/SCI.
CompTIA Security+ or equivalent DoD 8140 Intermediate certification required.
Certified Ethical Hacker.
Cisco Certified CyberOps.
Microsoft Certified: Security, Compliance and Identity Fundamentals.
Experience and knowledge of PC MS Office/M365 applications & ability to work firsthand with customers.
Experience in handling sensitive data for commercial and/or Government customers.
Bachelors Degree in Computer Science, Information Technology, Cybersecurity, Network Engineering or equivalent with 4 – 8 years of prior relevant experience or Masters with 2 – 6 years of prior relevant experience.
Active and current Secret with ability to obtain and maintain TS/SCI.
CompTIA Security+ or equivalent DoD 8140 Intermediate certification required.
Certified Ethical Hacker.
Cisco Certified CyberOps.
Microsoft Certified: Security, Compliance and Identity Fundamentals.
Experience and knowledge of PC MS Office/M365 applications & ability to work firsthand with customers.
Experience in handling sensitive data for commercial and/or Government customers.

Nice To Haves

Certified Information Systems Security Professional (CISSP)
GIAC Security Essentials (GSEC)
Certified Information Security Manager (CISM)
Certified Information Systems Auditor (CISA)

Responsibilities

Incident Analysis and Response - Perform in-depth analysis of security incidents escalated from Tier 1
Investigate and respond to complex network and security threats, including malware, phishing, and intrusion attempts.
Conduct root cause analysis to identify vulnerabilities and recommend mitigation strategies.
Threat Hunting - Proactively search for indicators of compromise (IoCs) and advanced persistent threats (APTs) within the network.
Utilize threat intelligence feeds and tools to identify emerging threats and assess their impact on the organization.
Network Monitoring - Monitor network traffic and system logs for anomalies and suspicious activities.
Use advanced tools such as SIEM (Security Information and Event Management) platforms to correlate events and detect patterns.
Escalation Management - Act as the escalation point for unresolved issues from Tier 1.
Escalate critical incidents to Tier 3 or management when necessary, providing detailed documentation and analysis.
Vulnerability Management - Conduct vulnerability assessments and scans using tools like Nessus, Qualys, or OpenVAS.
Collaborate with IT teams to remediate identified vulnerabilities and ensure compliance with security policies.
Incident Documentation - Maintain detailed records of incidents, including timelines, actions taken, and resolution outcomes.
Prepare post-incident reports and lessons learned documentation.