Cyber Threat Fusion & Hunt Deputy Lead
$101,400 - $183,300/Yr
Leidos - Scott Air Force Base, IL
posted 3 months ago
Full-time
Scott Air Force Base, IL
Professional, Scientific, and Technical Services
About the position
This position supports the Defense Information Systems Agency (DISA) GSM-O II program and the DISA Global Defensive Cyber Operations (DCO) organization. The role focuses on providing Cyber Threat Intelligence products, managing adversary indicators of compromise, and leading collaboration efforts in cyber threat intelligence. The position requires active engagement with various customers and mission partners, ensuring their needs are anticipated and met effectively. The GSM-O II program provides network operations and cyber defense support to the Department of Defense (DoD) and Combatant Commands (CoCOMs).
Responsibilities
- Help lead the team in areas such as cyber fusion and hunt mission, RFIs, customer/mission partner engagement, and potential to serve as people leader/manager.
- Maintain situational awareness of cyber activity by reviewing DoD, Intelligence Community and open-source reporting for new vulnerabilities, malware or other threats that have the potential to impact the DoDIN.
- Synthesize, summarize, consolidate and share potentially malicious activities on the DoDIN with DISA and mission partner organizations by creating incident reports, SARs, Confluence updates, Tippers, Threat Cards and other notifications.
- Track/create DoD incident handling database queries, metrics, and trend reports.
- Assist in providing threat and vulnerability analysis as well as security advisory services and recommendations.
- Train and mentor other team members.
Requirements
- Bachelor's degree with 8+ years of professional experience (related DISA experience and cyber courses/certification is accepted in lieu of a degree).
- Must have DoD-8570 IAT Level 2 baseline certification (Security+ CE or higher) at start date and be able to obtain CSSP-A certification within 180 days of start date.
- Proficient understanding of Cyber Network Defense (CND) in regard to protect, detect, respond and sustain within a Computer Incident Response organization.
- Excellent verbal and written communication skills including the ability to clearly articulate technical and strategic level cyber matters to a variety of audiences.
- Highly developed research and analytical skills to pinpoint statistically significant patterns related to cyber threats.
- Understanding of TCP/IP, common networking ports and protocols, traffic flow, system administration, OSI model, defense-in-depth.
- Must have an active Top Secret/SCI clearance.
Nice-to-haves
- Knowledgeable in Cloud security/defense.
- Experience with DISA and DoD Networks.
- Working knowledge of cyber operational security, log analysis, netflow analysis, incident response, malware analysis, computer forensics, and/or cyber-crime.
- Advanced Certifications such as SANS GIAC/GCIA/GCIH, CISSP or CASP.
- Demonstrated experience briefing Senior Executive Service (SES) and General Officer/Flag Officer (GO/FO) leadership.
- Working knowledge and proficiency utilizing Wireshark and Splunk analysis tools.
- Experience in intelligence driven defense and/or Cyber Kill Chain (CKC) methodology; knowledge of Advanced Persistent Threat (APT) and other cyber threat modeling frameworks.
- Working knowledge of the U.S. Intelligence Community and/or Fusion centers.
Benefits
- Pay Range: $101,400.00 - $183,300.00
