Endpoint Security Analyst

Description

Leidos has an immediate need for an experienced Endpoint Security Analyst for a new customer on a highly-visible and strategic Cybersecurity Task Order. The Endpoint Security Analyst will be responsible for conduct host-based defensive cyber operations using endpoint detection and response (EDR) products, as well as anti-malware tools and other endpoint security controls. The ideal candidate is a self-starter with excellent analytical and problem-solving skills, flexibility, good judgment, and the ability to work within a team to stand up and mature the cybersecurity capabilities of our customer

Primary Responsibilities:

• Deploying, configuring, operating, monitoring, tuning, upgrading, and troubleshooting endpoint security tools

• Coordinating and assisting engineering with the deployment and centralization of an approved malware protection tool across multiple FISMA systems

• Utilize approved tools to scan, identify, contain, mitigate and remediate vulnerabilities, and intrusions

• Coordinating with engineering to develop and implement plans to apply patches, hot fixes, and other critical updates as needed

• Build queries, dashboards, and reports for enterprise and leadership awareness

• Troubleshoot endpoint tool issues and outages

• Develop and maintain policies and tasks for all related endpoint products

• Develop Standard Operating Procedures (SOPs) for the operation and maintenance of endpoint security tools

• Performs analyses to validate established security requirements and to recommend additional security requirements and safeguards

• Researches, evaluates and recommends new security tools, techniques, and technologies and introduces them to the enterprise in alignment with IT security strategy

Basic Qualifications

• Department of Homeland Security (DHS) Entry on Duty (EOD) is required to support this program

• BS degree in Science, Technology, Engineering, Math or related field and 4+ years of prior relevant experience with a focus on cybersecurity

• Prior Experience deploying Endpoint Security Solutions (ESS) including Mcafee ePO, Crowdstrike, Microsoft Defender, and Sophos.

• Strong foundational security knowledge, specifically in large and complex organizations

• Understanding of current security threats and other challenges, as well as frameworks like MITRE ATT&CK

• At least one of the following certifications:

SANS GCIA, GCIH, GCFA, GCFE, GREM, GISF, GXPN, GWEB, GNFA, GMON

Offensive Security: OSCP, OSCE, OSWP, OSEE

ISC2: CCFP, CISSP

EC Council: CEH, CHFI, LPT, ECSA, ECIH

• A desire to learn, combined with a collaborative work style and strong personal work ethic

• Strong communication and presentation skills, both verbal and written

Preferred Qualifications

• Certifications in relevant security products would be beneficial (e.g., Tanium Certified Operator / Administrator, CrowdStrike Certified Falcon Administrator / Responder / Hunter

• Experience deploying, configuring, and maintaining McAfee point products such as VirusScan Enterprise, Rogue System Detection (RSD), Policy Auditor (PA), Data Loss Prevention (DLP) / Device Control Module (DCM)

• Experience deploying and configuring Crowdstrike Falcon Prevent sensors on endpoints

• Experience with creating and implementing custom IOCs and IOAs in Crowdstrike

• Experience with triaging and investigating hosts using Crowdstrike

The Leidos pay range for this job level is a general guideline onlyand not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.