Description Job Description:
This is an opportunity to join a team of highly skilled and innovative network defenders, and the best group of individuals out there. Leidos’ Cybersecurity Intelligence and Response Team (CSIRT) has an immediate opening for a motivated Software Development Engineering Sr. Manager. Leidos is an international company made up of 43,000 employees that provides Defense, Intelligence and Health Products to our customers. Our goal is to stay ahead of, and maintain a technical advantage over our adversaries using the latest technical advancements, including custom built cybersecurity capabilities. Reporting to the Director of Cybersecurity Intelligence & Response, this position is responsible for the central management, oversight, and evolution of the capabilities that support CSIRT directly. This position requires working experience in cyber security to understand the threat landscape, analytical workflows and existing technology in order to innovate and deliver cohesive defense capabilities and tools for accurate and swift analysis. In this role, you will provide technical expertise and leadership to a team of developers and engineers, provide appropriate levels of situational awareness to stakeholders, including staff, management, senior and executive leadership, and deliver cyber capabilities with excellence and precision. You will also be responsible for innovation into new areas such as artificial intelligence and machine learning (AI/ML).
- Communicate complex information, concepts, or ideas in a confident and well-organized manner through verbal, written, and/or visual means, to different constituencies such as legal counsel, executive management and technical staff.
- Lead strategic projects and develop capabilities to enhance and mature existing cyber functions.
- Provide accurate roadmaps for creation and enhancements of capabilities
- Deliver quality solutions on time and on budget
- Manage the procurement, configuration and ongoing services of new hardware and software for CSIRT
- Drive innovation and provide thoughtful leadership on current and future cyber security initiatives.
- Provide evaluation and feedback necessary for improving intelligence production, intelligence reporting, collection requirements, and operations.
- Interface with Business Unit and Corporate group leadership to provide an understanding of current threats targeting their environments and what security measures are currently mitigating these threats.
- Support any relevant business capture proposal efforts as a subject matter expert on CSIRT capabilities
- Deliver capabilities to increase cybersecurity visibility and control within Leidos and its subsidiaries
- Provide architecture and design support to establish cohesive enterprise defenses
- Minimum of 8 years' experience in cybersecurity, software development or operations
- Minimum of 4 years managing an Information/Cyber Security Team with responsibilities that include leading design, operations or development efforts
- Able to work with sensitive materials and employee information and always maintain confidentiality
- Experience building and managing teams
- Strong understanding of Operating Systems and Network Protocols.
- Ability to track and research changes within the information security field and provide actionable intelligence.
- Ability to perform root cause analysis to determine lessons learned and next steps
- Able to mentor and guide software developers to produce top tier solutions
- Hands-on experience with developing software (Python and Golang preferred)
- Experience working in multiple operating systems
- Proficiency with Microsoft Windows administrative tools, and the Unix/Linux command line.
- Hands-on experience with security technologies:
- Intrusion Detection & Prevention (IDP) – Sourcefire, Snort, Bro
- Security Information & Event Management (Splunk preferred)
- Security Orchestration, Automation, & Response (SOAR) – (Palo Alto XSOAR preferred)
- Full Packet Capture
- Experience with Artificial Intelligence and Machine Learning technologies (AI/ML)
- Experience in conventional network\host-based intrusion analysis, digital forensics or malware analysis.
- Understanding of behavioral based threat models, including ATT&CK, Cyber Kill Chain, Diamond Model, etc.
- A deep understanding of advanced cyber threats targeting enterprises, along with the tools, tactics, and procedures used by those threats.
- Experience applying threat and data modeling, advanced data correlation, and statistical analysis to develop alerts, notable events, investigative dashboards, and metrics driven reports.
- Experience in a security intelligence center or similar environment tracking threat actors and responding to incidents.
- Familiarity with cyber threat landscape, geopolitical issues that could have cyber impacts, security vulnerabilities, exploits, malware, digital forensics, network security vulnerabilities, exploits and attacks
- Ability to create, modify, and implement both Snort and YARA signatures.
- Capable and comfortable communicating actionable threat intelligence to both technical and executive-level stakeholders.
- Previous experience as Threat Researcher and/or Intelligence Analyst.
- Experience performing dynamic malware analysis.
- Experience with malware reverse engineering.
- Solid understanding of networking protocols and infrastructure designs; including cloud infrastructures, routing, firewall functionality, host and network intrusion detection systems, encryption, load balancing, and other network protocols
- Hands-on experience with security technologies:
- Endpoint Detection & Response tools (EDR) - McAfee, CrowdStrike, SentinelOne, etc.
- Network Analysis tools - Wireshark, tcpdump
- Threat Intelligence Platforms - CRITS, MISP, ThreatConnect, Anomali, etc
- Malware Sandboxing - Cuckoo, Yara, Volatility, etc
Pay Range $113,100.00 - $174,000.00 - $234,900.00