Security Infrastructure Lead

About The Position

Requirements

• Must have an active DoD TS/SCI clearance
• Must have DoD 8570 IAT II or higher certification (Security+ CE or equivalent) prior to start
• Must obtain a DOD-8570 CSSP Infrastructure Support certification within 6 months of start
• Bachelor's degree and 12+ years of professional experience; additional military service and/or relevant work experience may be considered lieu of a degree
• 2+ years of technical experience deploying and maintaining cybersecurity tools, especially IDS/IPS capabilities
• Prior experience supervising employees of various labor categories and skills in efforts similar in size and scope.
• Demonstrated experience with configuring, maintaining, and troubleshooting cybersecurity infrastructure and capabilities.
• Demonstrated knowledge of network traffic and communications, including known ports and services.
• Hands-on experience with the Windows and Linux operating system and their respective command line interfaces and scripting shells

Nice To Haves

• Experience with automation and orchestration frameworks (ex. Ansible, Puppet, Chef)
• Deep technical understanding of core current cybersecurity technologies as well as emerging capabilities
• Demonstrated understanding of the life cycle of cybersecurity threats (internal and external), attacks, attack vectors and methods of exploitation with an understanding of intrusion set TTPs
• Motivated self-starter with strong written and verbal communication skills, and the ability to create complex technical reports on analytic findings
• Familiarity or experience in Intelligence Driven Defense, Cyber Kill Chain methodology, and/or MITRE ATT&CK framework
• Prior hands-on experience as a SOC analyst

Responsibilities

• Work with government counterparts, contractors, and internal team members to deploy and manage policies, rules, and signature sets on cybersecurity capabilities
• Manage high-priority tasks and outages
• Maintain, develop, and improve Security Infrastructure standard operating procedures and tactics, techniques, and procedures (TTPs)
• Maintain complete and current network and elevation diagrams for all managed security equipment
• Coordinate and comply with applicable change control boards and corresponding processes
• Advise and strategize with government and program leadership on ways to improve the security infrastructure, requiring multi-dimensional problem solving and ingenuity with impact on multiple aspects of the mission
• Provide briefings to program/project leadership, government leadership, and other internal stakeholders on security infrastructure status, updates/patches, issues, and/or upgrades
• Operate and maintain cybersecurity capabilities to include IDS/IPS/Netflow/SIEM/Snort/Linux/Virtualization etc
• Ensure Compliance standards
• Serve as a people leader for the SIMs team: Conduct annual performance assessments to include periodic check ins.
• Validate/approve time charging for both Leidos and vendor personnel.
• Provide coaching/mentoring to personnel.
• Develop and Execute Continual Service Improvement technical strategies to modify and enhance operational processes and impact strategic project/program goals and business results.