Security Operations Center (SOC) Analyst - Weekend Shift

R-00153372

Description

Leidos is looking for a remote, part-time night shift analyst to join a 24/7/365 Security Operations Center.  The hours of operation are 7pm – 7am Saturday and Sunday.  The SOC analyst will have a solid understanding of cyber threats and information security in the domains of TTP’s, Threat Actors, Campaigns, and Observables. Additionally, the ideal candidate would be familiar with tools commonly deployed in a SOC environment such as, intrusion detection systems, intrusion analysis systems, security information event management platforms (SIEM), endpoint threat detection tools, and security operations ticket management.   

    

REQUIRED Qualifications:    
 

• Must be a U.S. Citizen.   
  

• Ability to obtain a Public Trust clearance.   
  

• Minimum 1-3 years of experience in network defense environments.   
  

• Strong analytical and technical skills in computer network defense operations.   
  

• The ability to assist in Incident Handling (Detection, Analysis, Triage), and Hunting efforts (anomalous pattern detection and content management).   
  

• Prior experience and the ability to analyze information technology security events to discern true positive incidents from false positive events. This includes security event triage, incident investigation.   
  

• Familiarity with responding to potential phishing attacks.   
  

• Ability to follow codified Incident Response and SOC procedures.   
  

• Previous hands-on experience with a Security Information and Event Monitoring (SIEM) platforms and/or log management systems that perform log collection, analysis, correlation, and alerting is required (preferably within Splunk).   
  

• Ability to understand rules as written, including filters, views, signatures, countermeasures and operationally relevant applications and scripts to support analysis and detection efforts.   
  

• Strong logical/critical thinking abilities, especially analyzing security events from host and network event sources e.g., windows event logs, AV, EDR, network traffic, IDS events for malicious intent).   
  

• Excellent organizational abilities and a strong attention to detail.   
  

• A working knowledge of the various operating systems (e.g., Windows, OS X, Linux, etc.) commonly deployed in enterprise networks, a conceptual understanding of Windows Active Directory is also required, and a working knowledge of network communications and routing protocols (e.g., TCP, UDP, ICMP, BGP, MPLS, etc.) and common internet applications and standards (e.g., SMTP, DNS, DHCP, SQL, HTTP, HTTPS, etc.).   
  

   

Desired Qualifications:    

• Understanding of Splunk Processing Language ( SPL )    
  

• Familiarity in analyzing NetFlow data and packet capture (PCAP).   
  

• Familiarity with one or more of the following technologies, specific tools: Splunk (including Core and ES), Cisco  FireSight , FireEye, Palo Alto.   
  

Work Location:                 

• Washington, DC or Hybrid (2 days onsite/remote) - Potentially remote eligible pending customer approval.   
  

Education:    

• BS degree preferred.   
  

Original Posting Date: 2025-02-12
While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.

Pay Range: Pay Range $67,600.00 - $122,200.00

The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.

#Remote