Description
The Leidos Defense group has a career opportunity for a Senior Detection Engineer. This position will support a large Department of Defense (DOD) Cyber Security Service Provider (CSSP) and is responsible for proactively developing detections to identify malicious cyber actors (MCAs) targeting our customers' networks. Leveraging a deep knowledge of the various detection strategies and the threat landscape, the Sr. Detection Engineer will enhance our cybersecurity posture and implement new signatures across a wide range of tools to identify and neutralize threats to the DODIN.
As a Senior Detection Engineer, you will specialize in developing sophisticated signatures, queries, and dashboards to detect and neutralize cyber threats. Utilizing tools like Elastic Security, Snort, and Zeek, your role is crucial in creating and refining detection mechanisms to safeguard our subscribers' networks from MCAs.
Primary Responsibilities:
Analyze network traffic and system logs to identify patterns indicative of malicious activities, forming the basis for new detection strategies.
Design and develop advanced detection signatures and rules for Elastic Security, Snort, and Zeek, focusing on accurately identifying potential cyber threats.
Create complex queries and dashboards to enhance visibility and monitoring capabilities within our cybersecurity infrastructure.
Test and validate new detections in a controlled environment to ensure their accuracy and effectiveness before deployment.
Regularly update and optimize existing detection rules and signatures based on the evolving cyber threat landscape and intelligence.
Collaborate with the cybersecurity team to translate intelligence requirements into effective and actionable detection strategies.
Provide documentation on the creation, modification, and implementation of signatures and detection mechanisms as required.
Conduct post-incident analyses to refine detection strategies, ensuring continuous improvement in identifying and neutralizing threats.
Stay informed about the latest cybersecurity threats and trends to ensure our detection capabilities are consistently up-to-date and effective.
Engage in peer review processes to maintain the quality and efficacy of detection strategies and to foster a collaborative work environment.
Mentor and support junior staff in detection techniques and best practices, fostering a culture of continuous learning and skill development.
Required Qualifications:
Bachelor's degree and 8-12 years of experience
8570 IAT II & IAM II (e.g. Security+), and CSSP Analyst certification (e.g. CEH, GCIH, etc.)
Must possess an active TS/SCI security clearance.
Experience using a prominent Security Information and Event Management (SIEM) platform (e.g. Splunk, Elastic/Kibana)
10+ years of IT experience
5+ years of Networking experience
4+ years of analyst experience
3+ years of Detection Engineering experience
Excellent written, verbal, and interpersonal communication skills
Preferred Skills:
Experience briefing a customer or stakeholders
Experience working for a Cybersecurity Service Provider (CSSP) or Security Operations Center (SOC)
Experience with one or more of the following tools: Snort, Bro/Zeek, Elastic/Kibana
Pay Range:
$101,400.00 - $183,300.00
The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.
#Remote
Original Posting Date:
12/11/2023
While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.