Cybersecurity Chief Systems Engineer

Cybersecurity Chief Systems Engineer

Vacancy expired!

Description

Job Description:

The Leidos Civil Treasury team is recruiting for a Cybersecurity Chief Systems Engineer to support our customer in the Washington, DC area.

The Senior Engineer maintains a system engineering life-cycle, including requirements analysis, design, development, integration, scripting, test, documentation, and implementation following defined best practices and operational workflows. The work includes scheduling and prioritizing in accordance with organizational needs, and establishing buy-in for the prioritization and activities. The engineer engages infrastructure solution design and architecture, information assurance, advisory, compliance, and risk management support. In addition, the position involves establishing and maintaining the schedule for delivery, deliver regular reporting, and track improvements across the environment.

Primary Responsibilities

• Conceptualize, Design, Build, and Maintain current and future ESOC supported tools and platforms.
• Serve as the senior engineer/architect to build the capabilities of the GSOC.
• Establish the rhythm for developing, deploying, tuning, and improving infrastructure; track and report on the progress and improvements; and partner with the program management to deliver continual improvements.
• Manage multiple assignments, changing priorities, and work independently with little oversight.
• Support the onboarding of data into Splunk via forwarder, scripted inputs, TCP/UDP and modular inputs from sources such as FireEye, BlueCoat proxies, Big IP, Cisco, Palo Alto, and host syslogs.
• Deliver support and guidance, and develop processes to evaluate and improve all operating systems, hardware support, software, firmware solutions and provide advisement concerning future purchase of the same.
• Create, manage, and support automation solutions for Splunk deployment and orchestration within a Cloud environment.
• Work closely with senior engineers, other team members and application owners to solve technical problems at the network, system and application levels.
• Conduct periodic architectural reviews of installed sensors to assess effectiveness and propose optimal installation alternatives as required.
• Conduct network security architecture reviews to determine the size, and placement of intrusion monitoring equipment during the customer onboarding process.
• Conduct periodic reviews of sensor metric reports to evaluate and prioritize sensors for review and assessment.
• Identify and make recommendations for security tools, systems and capabilities to meet customer security requirements.
• Documentation and reporting along with presentation, teamwork and DHS wide collaboration are among the expected duties and mission of the task order.

Bachelors Degree

• U. S. Citizen
• Active Top Secret Clearance or ability to obtain
• Bachelor's degree in an information technology discipline from an accredited college or university is required and 8 years of experience on IT/cybersecurity.
• At least 5 years of experience working in a SOC or similar monitoring center.
• Prefer at least one of the following certifications (or similar relevant certification): CASP, GCIH, GCWN, GISF, GISP, GSSP, GICSP, GSSP, SEI, CISSP, CCSP, CSSLP, SSCP, CCNP, CCNP Security, CCIE Security, CEH, ECSP, MCSE, RHCA, RHCE, VCP, VCAP, VCIX, VCDX

Experience or depth of knowledge required in the following:

• Cyber threat intelligence
• Network traffic analysis and packet capture inspection
• Tier I & II monitoring
• Malware analysis, advance analysis, analytic and methods development
• Hunting/discovery analysis
• Incident response and triage
• Alerts, incident handling and notifications
• Digital media analysis
• Network signature development
• MS Project, SharePoint, EPM Live, Visio and MS Office
• Information Technology Infrastructure Library (ITIL) capabilities
• Excellent verbal and written communication skills required.

• Experience administering Linux OS, particularly RedHat Enterprise
• Five years of software development experience in one or more of the following: technologies: Python, Java, or JavaScript; including Oracle or equivalent relational database technologies; and/or Web Application hosting on WebLogic and Tomcat.
• Deep packet analysis skills using such tools like; Wireshark, Bro, etc. for layer 7 intelligence.
• Cloud and VMWare skills - Understanding of cloud terminology, architecture, and tools to include: installing, provisioning and monitoring
• Strong capabilities to assist with automating manual installation and maintenance/patching tasks and utilization of such tools as provisioning environments with Ansible, and Docker

Desired Qualifications

• Experience with VMware & Ansible/Ansible Tower and/or Terraform
• Experience with data administration automating management of large (multi PB) S3 storage pools
• Experience working in AWS and Azure
• Experience developing in XML, Bash, JavaScript and Python, Perl, PowerShell scripts
• Experience working in an Agile development environment.
• Extensive database experience with two of SQL Server, MySQL, or Oracle

External Referral Bonus:
Ineligible

External Referral Bonus $:
0

Potential for Telework:
No

Clearance Level Required:
Top Secret

Travel:
No

Scheduled Weekly Hours:
40

Shift:
Day

Requisition Category:
Professional

Job Family:
Cyber Security Research and Development

Pay Range: