Senior Cyber Defence Analyst (Blue Team)
- Full-time
- Job Type: Permanent
Company Description
Leidos is a Fortune 500® Technology, Engineering, and Science Solutions and Services leader. Leidos' 47,000 global employees support vital missions for government and commercial customers. Headquartered in Reston, Va., Leidos reported annual revenues of approximately $15.4 billion for the fiscal year ended December 29, 2023.
Leidos Australia has been a trusted partner to the Australian Government, including the Department of Defence, for more than 25 years, having delivered some of the most complex software and systems integration projects in Australia. With a local workforce of around 2,000, of which 85% hold a government security clearance, we have one of the largest security-cleared workforces in Australia. Our team is also backed by Leidos' global expertise, experience and capabilities.
Job Description
Your New Role
This is an opportunity to join a team of highly skilled and innovative network defenders, and the best group of individuals out there. Leidos’ Cybersecurity Intelligence and Response Team (CSIRT) has an immediate opening for a motivated Cyber Defense Analyst.
Our goal is to stay ahead of, and maintain a technical advantage over our adversaries using the latest technical advancements, including custom built cybersecurity capabilities. As a key part of the team, your responsibilities will include threat hunting, and tactical analysis of ongoing attacks by criminal and nation state actors.
You will perform data analysis, incident response, investigative analysis, and research on existing and emerging cyber threats, particularly those directed against Leidos' global networks.
Role responsibilities include:
- Analyze network and host activity associated with both successful and unsuccessful intrusions by advanced attackers.
- Perform network traffic analysis utilizing raw packet data, net flow, IDS, and custom sensor output.
- Support enterprise incident response efforts
- Leverage understanding of tactics, techniques and procedures associated with advanced threats to create and add custom signatures that mitigate highly dynamic threats to the enterprise
- Employ advanced forensic tools and techniques for attack reconstruction and intelligence gathering
- Proactively research emerging cyber threats. Apply analytical understanding of attacker methodologies and tactics, system vulnerabilities, and key indicators of attacks and exploits.
Qualifications
About You and What You'll Bring
We are looking for a proactive, detail oriented cyber security professional, able to work both in a team environment and autonomously. Qualifications we're looking for:
- A Bachelor's Degree and 8-12 years relevant experience in cyber security or network defense; or 7-11 years relevant experience with relevant certifications (CISSP, SANS GIAC, CEH, etc.)
- Experience in conventional network\host-based intrusion analysis, digital forensics, or malware analysis
- Experience performing "deep dive" analysis and correlation of log data from multiple sources including PCAP and forensic artifacts
- Experience leading and contributing to incident response activities
- Strong understanding of Operating Systems and Network Protocols
- Proficiency with Microsoft Windows administrative tools, and the Unix/Linux command line.
Candidates will need to be Australian Citizens with the ability to obtain and hold an AGSVA security clearance.
Additional Information
What You'll Love
At Leidos, we embrace diversity and are committed to creating a truly inclusive workplace. We welcome and encourage applications from Aboriginal and Torres Strait Islanders, culturally and linguistically diverse people, people with disabilities, veterans, neurodiverse people, and people of all genders, sexualities and age groups.
You will be valued, included and supported. So if you are open-minded and keen to Be the difference, we look forward to welcoming you.
Applicants may also need to meet International Traffic in Arms Regulations (ITAR) requirements. In certain circumstances this can place limitations on persons who hold dual nationality, permanent residency or are former nationals of certain countries as per ITAR 126.1.