Job description
Description
The Department of Homeland Security (DHS), Customs and Border Protection (CBP) Security Operations Center (SOC) is a US Government program responsible to prevent, identify, contain and eradicate cyber threats to CBP networks through monitoring, intrusion detection and protective security services to CBP information systems including local area networks/wide area networks (LAN/WAN), commercial Internet connection, public facing websites, wireless, mobile/cellular, various cloud environments, security devices, servers and workstations. The CBP SOC is responsible for the overall security of CBP Enterprise-wide information systems, and collects, investigates, and reports any suspected and confirmed security violations.
The ideal candidate will have an advanced understanding of multiple Operating Systems, monitoring and detection techniques and methods, and Incident Response Lifecycle. The candidate must be familiar with the operation of common protocols, network intrusion detection systems, and endpoint detection and response tools. Experience using PowerShell, Python, or Bash to automate common tasks is highly preferred.
- Conduct investigations by analyzing and verifying information utilizing log analysis, digital evidence collection and forensic procedures.
- Use Network and Host based tools to monitor and detect potential threats and unauthorized activity across Windows, Unix, Cloud, and Mobile devices.
- Perform forensic and memory analysis on Windows, Unix, Mobile, and Cloud devices and infrastructure.
- Develop and update security content such as IDS signatures. SIEM queries, alerts, and dashboards, Standard Operating Procedures, and other detection and mitigation measures.
- Identify network visibility and technology gaps to make recommendations to improve the organizations overall security posture.
- Automate procedures and develop code to eliminate repetitive manual tasks.
- Collaborate and coordinate with other entities within and outside the SOC.
- Bachelor’s degree in Science or Engineering Field, IT, or Cybersecurity or related field. Additional experience and certifications may be considered in lieu of a degree.
- 0 - 2 years of experience be in the areas of incident detection and response, remediation malware analysis, or computer forensics.
- Ability to script in one more of the following computer languages Python, Bash, Visual Basic or Powershell
- SANS GIAC: GCIA, GCFA, GPEN GCFE, GREM, or GCIH ISC2 CCFP, CCSP, CISSP, CERT CSIH EC Council: CHFI, Offensive Security: OSCP, OSCE, OSWP and OSEE Encase: EnCE, DOD 8570: IAT L3, CNDSP Analyst or IR Carnegie Mellon: CSIH
- Between 1 - 2 years of experience in two or more of these specialized areas:
- Insider Threat
- Digital media forensic
- Monitoring and detection
- Incident Response
Pay Range:
Pay Range $53,300.00 - $82,000.00 - $110,700.00The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.
jjbodyshop.com is the go-to platform for job seekers looking for the best job postings from around the web. With a focus on quality, the platform guarantees that all job postings are from reliable sources and are up-to-date. It also offers a variety of tools to help users find the perfect job for them, such as searching by location and filtering by industry. Furthermore, jjbodyshop.com provides helpful resources like resume tips and career advice to give job seekers an edge in their search. With its commitment to quality and user-friendliness, jjbodyshop.com is the ideal place to find your next job.