Leidos is seeking an Information Security Analyst in Morgantown, WV.
• With a positive attitude and work ethic, provides information and systems security support to the organization under minimal supervision.
• Maintains systems to protect data from unauthorized users and monitors compliance with the organization's information security policies and procedures.
• Performs daily monitoring activities, including analysis of logs and reports from firewalls and other boundary protection devices to identify and investigate anomalous log entries which impact the confidentiality, integrity, or availability of information systems.
• Identifies vulnerabilities that are applicable to systems and applications to assess their severity and urgency.
• Works with system owners and network administrators to track corrective action, resolution progress, and mitigation of vulnerabilities.
• Installs, maintains, and monitors network intrusion detection systems.
• Installs, maintains, and monitors web monitoring filters.
• Installs, maintains, and utilizes automated vulnerability scanning tools.
• Performs root cause analysis of security incidents, documents solutions and lessons learned.
• Produces reports on vulnerability analysis, intrusion detection, and malware.
• Conducts and documents investigation of insecure configurations, policy and standards violations, and security breaches.
• Performs security audits.
• Researches, analyzes, and recommends security systems hardware and software for department use.
• Tracks new technology developments related to information security including, but not limited to vulnerabilities, trends, threats, and technology.
• Develops test procedures for, and validates NIST 500-83 based PCSP controls for Systems Test & Evaluation.
• This position assists the ISSO supporting all disciplines within the IT organization to ensure adherence to, and compliance with, the federal and organizational cyber security programs.
• Assist the ISSO with policy and quality manual development to ensure overall LM compliance with all applicable NIST standards and all applicable DOE Policies, Orders, Notices, Manuals, and Guides.
• Cultivates an awareness and understanding of current cyber security threats and briefs the ISSO and cyber team.
• Tracks new technology developments related to information security and insures inclusion of those developments into LM practice.
• May train and mentor junior staff as appropriate.
• Supports SOC operations on a rotating (weekly) basis.
• May lead certain aspects of a task or project.
• Must have a CISSP or equivalent certification.
• Must have a minimum of 5 years' experience in information systems security.
• Bachelor's Degree required in an information technology related discipline, or six years of direct cyber security experience in lieu of a degree.
• Displays and promotes a positive attitude and possesses unwavering integrity and extraordinary adherence to high ethical standards.
• Understands the core principles and maintains awareness of current trends in the field of information and systems security.
• Displays excellent verbal and written communication skills.
• Demonstrated experience using information security toolsets and software, including installation, configuration, maintenance, and operations.
• Ability to perform professional tasks independently and to analyze and develop innovative solutions to complex problems.
• Ability to recommend approaches for new or improved processes.
• Ability to lead aspects of a task or project.
• Ability to train and mentor more junior staff.
• Ability and motivation to learn new skills as required by an evolving information security landscape.
• Possess expert knowledge in at least two of the following areas: Vulnerability Assessment, Intrusion Prevention and Detection, Access Control and Authorization, Protocol Analysis, and Incident Response.
• Working knowledge of and experience with the Linux operating system.
• Direct federal or DOE experience preferred.
• Master’s Degree preferred.
• Certifications Preferred: GCIH, GPEN, GCED, GCPPA, GCMC - Experience with FISMA reporting and NIST 800-53 a plus.
Job Number: 645256