At Shire, we are proud and grateful to employ military veterans and thank them for their contributions to our company and our country. See where your military experience can play a role at Shire by using our military skills translator job search tool below:
Description
Leidos has a current job opportunity for a Senior Cybersecurity Engineer specializing indata integration, content development, and system architecture.Working with Elastic Stack (Elasticsearch, Logstash, Kibana), the individual would lead a team in developing, managing, and optimizing scalable search and analytics solutionsfor the DISA GSM-O II program inPearl Harbor,HI.
A successful candidate will have experience in cyber analysis, incident response,SIEM operations, content development, visualizations, and reporting.This role requires technicalexpertisewith Elastic, a deep understanding of SIEM architecture, and hands-on experience working with cybersecurity relevant data, cyber incident handling, and monitoring in secure environments.
POSITION SUMMARY:
The Senior Cybersecurity / ElasticDetection Engineer will leadin development of SIEM/SOAR capabilities to supportthe team’s Cyber Security Service Provider (CSSP) services. They will create, test, implement,and execute standard procedures for the "front-end" operation withinElastic. They will alsodevelop reports, dashboards, analytic rules, filters, andmetrics.
PRIMARY RESPONSIBILITIES:
Monitorandoptimizethe performance of content within the Elastic Stack clusters to ensure high availability, reliability, and performance of content supporting the Cyber Security Service Provider (CSSP) services.
Create andmaintaincomprehensive documentation for content, processes, and procedures.
Design, develop, andmaintaincustom dashboards using Elastic for monitoring and visualization of metrics, logs, and traces.
Support customer-driven visualization requirements and collaborate on data integration and Kibana dashboard development.
Work with the site threat emulation/analytic development team to maximize detectionopportunities correlated with the MITRE ATT&CK framework.
BASIC QUALIFICATIONS:
Active DoD Secret security clearance and ability to obtain TS/SCI.
An ability to think critically, work independently, and regularly communicate updates to the supported stakeholders.
Highly motivated and able to work independently with minimal supervision, while also thriving in a collaborative team environment.
Strong written and oral communications skills and strong analytical and troubleshootingskills.
In-depth knowledge of architecture, engineering, and operations ofElastic Stack.
Demonstratedcommitment to training, self-study, andmaintainingproficiencyin thetechnical cyber security domain.
Bachelor's degree and 8+years of prior relevant experience;additionalworkexperience or cyber courses/certifications may be substituted in lieu of degree.
DoD 8570 CSSP-A level Certification such as CEH,CySA+, GCIA or other certification isrequired within 180 days of hire.
DoD 8570 IAT level II or higher certification such as CompTIA Security+ CE, ISC2 SSCP,SANS GSEC prior to starting.
PREFERRED QUALIFICATIONS:
CND experience (Protect, Detect, Respond, and Sustain) within a Computer IncidentResponse organization.
Advanced certifications or any formal certified training in Elastic or other SIEMs are preferred.
Strong knowledge of security information and event management (SIEM) systems, data pipelines, and threat detection methodologies.
Demonstratedunderstanding of the life cycle of network threats, attacks, attack vectorsand methods of exploitation with an understanding of intrusion set tactics, techniques, andprocedures (TTPs).
Advanced understanding of TCP/IP, common networking ports and protocols, traffic flow,system administration, OSI model, defense-in-depth,and common security elements.
Proven ability to develop, test, and deploy high-fidelity security analytics and detection rules. Experience with a scripting language like Python is highly desirable.
Proficiency with GitLab (or similar version control systems) and collaboration platforms (e.g., Microsoft Teams, Slack).
Familiarity or experience in Intelligence-Driven Defense and/or Cyber Kill Chainmethodology.
Exceptional analytical and problem-solving skills with a keen eye for identifying and addressing security gaps.
Demonstrated ability to analyze existing processes, identify areas for improvement, and implement solutions to enhance efficiency and effectiveness.
Existing 8570 CSSP Analyst Certifications (CEH),CySA+, etc.
Vendor-specific certifications.
WHY LEIDOS?
Company-paid relocation to Hawaii
Competitive compensation plans (including health and wellness programs, flexible leave, and immediately-vested 401k)
Robust professional development and career growth program(s) within the defensive cyber space (including upskilling opportunities, mentorship, and 1:1 guidance and job-matchmaking from career coaches)
Original Posting Date:
2025-02-24
While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.
Pay Range:
Pay Range $104,650.00 - $189,175.00
The Leidos pay range for this job level is a general guideline onlyand not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.
REQNUMBER: R-00154173
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status. Leidos will consider qualified applicants with criminal histories for employment in accordance with relevant Laws. Leidos is an equal opportunity employer/disability/vet.