Leidos - Joint Base Pearl Harbor-Hickam, HI

posted about 2 months ago

Full-time - Intern
Joint Base Pearl Harbor-Hickam, HI
Professional, Scientific, and Technical Services

About the position

The Digital Modernization Group at Leidos is seeking a Cybersecurity Analyst intern to join the Global Solutions Management - Operations II (GSM-O II) contract. This contract is focused on the Operations, Sustainment, Maintenance, Repair, and Defense of the Defense Information System Network (DISN) within the Department of Defense Information Network (DODIN), supporting the Defense Information Systems Agency (DISA). The position is based onsite at Ford Island, Hawaii, and requires a highly motivated and capable candidate to support the Cybersecurity/Network Assurance team.

As a Cybersecurity Analyst intern, you will engage in various tasks including performing cyber threat intelligence analysis, correlating actionable security events, and conducting network traffic analysis using raw packet data, NetFlow, IDS, IPS, and custom sensor outputs. You will also participate in coordinating resources during incident response efforts. The role demands a collaborative approach, where you will review both DoD and open-source intelligence for threats, identify Indicators of Compromise (IOCs), and integrate these into sensors and Security Information and Event Management (SIEM) systems. You will be responsible for utilizing alerts from various sources such as endpoints, IDS/IPS, and custom sensors to identify compromises on customer networks and endpoints. Additionally, you will review log files, pivot between data sets, and correlate evidence for incident investigations.

Strong written and verbal communication skills are essential, as you will need to articulate findings and create complex technical reports on your analytic findings. This internship is an excellent opportunity for students currently enrolled in a Cybersecurity or related discipline, providing hands-on experience in a critical field.

Responsibilities

  • Perform cyber threat intelligence analysis and correlate actionable security events.
  • Conduct network traffic analysis using raw packet data, NetFlow, IDS, IPS, and custom sensor outputs.
  • Participate in the coordination of resources during incident response efforts.
  • Review DoD and open-source intelligence for threats.
  • Identify Indicators of Compromise (IOCs) and integrate them into sensors and SIEMs.
  • Utilize alerts from endpoints, IDS/IPS, NetFlow, and custom sensors to identify compromises on customer networks/endpoints.
  • Review log files, pivot between data sets, and correlate evidence for incident investigations.
  • Articulate findings, updates, and analysis in a collaborative environment.
  • Create complex technical reports on analytic findings.

Requirements

  • Current enrollment in an Associate's, Bachelor's or Master's program in Cybersecurity or related discipline is required.
  • Excellent written and verbal communication skills with the ability to interpret and author well-formed documents.
  • Demonstrated commitment to training, self-study, and maintaining proficiency in the technical cybersecurity domain.
  • Understanding of TCP/IP, common networking ports and protocols, traffic flow, system administration, OSI model, defense-in-depth, and common security elements.
  • Understanding of Anti-Virus, HIPS, IDS/IPS, Full Packet Capture, Host-Based Forensics, and Network Forensics.
  • Familiarity or knowledge of malware analysis concepts and methods.
  • Familiarity or knowledge of Intelligence Driven Defense, Cyber Kill Chain methodology, and/or MITRE ATT&CK framework.
  • Ability to obtain a Secret clearance is required to start (selected candidates will be sponsored for required clearance).
  • Must be a US Citizen to qualify.

Nice-to-haves

  • Security+ and/or CySA+ certifications.
  • Academic knowledge of CND domains (Protect, Detect, Respond and Sustain).
  • Understanding of Computer Incident Response organizations or Security Operations Centers.
  • Familiarity with an enterprise SIEM platform like Splunk or Elastic.
  • Unix/Linux command line experience.
  • Detail-oriented with scripting and programming experience.
  • Highly engaged and willing/able to collaborate with other analysts.
  • Emotional Intelligence.

Benefits

  • Internship experience in a leading defense and technology company.
  • Opportunity to obtain CompTIA Security+ certification and CSSP-Analyst certification within 6 months of hire.