Description

Leidos is seeking a Lead Cyber Network Defense (CND) Fusion Functional/Technical Consultant to join a team supporting a government customer in a highly complex cyber security environment. The successful candidate will manage a team ranging from 10-20 staff and work in a high-pressure environment, solving complex operational issues while delivering outstanding results under tight deadlines and constraints. The successful candidate will serve a key synergy role to infuse transparent collaboration across the SOC, Countermeasures, Detection and IR functions.

The Lead CND Fusion Functional/Technical Consultant will serve as the principle technical advisor and subject matter expert for CND Fusion services. They will be an expert for enterprise fusion analysis. They will understand the cyber threat actor research process. The Lead Fusion consultant shall be a multi-functional individual with strong leadership and technical skills including but not limited to the following core fusion concepts and capabilities; collection and curation of relevant Cyber Threat Intelligence (CTI) of the enterprise threat profile and known/expected advesaries goals, objective, tactics and techniques; integration and correlation of CTI within the SIEM platform and SOC alerting; shape and convert known attack vectors into defensive protocols. Candidates should be familiar with the utilization, configuration, and implementation of industry standard cyber threat actor research and analysis capabilities including but not limited to threat intelligence reporting, threat intelligence data sources/services, advance persistent threat actor practices, advanced persistent threat actor identification and tracking methods, advanced log analysis, network monitoring, and network flow analysis. Candidates must understand the lifecycle of the network threats, attack vectors and methods of exploitation. Candidates must understand the fusion analysis processes and procedures to aid in cyber threat actor identification and tracking, facilitation of comprehensive procedures for collaboration, and assisting in creating defensive measures to defend against advanced cyber threat actors.

Primary Responsibilities

Lead and direct enterprise CND Fusion services; bringing strong operational and technical synergy across technical operational functions to create rapid, cohesive data-driven assessment, detection, defensive countermeasures, alerting, and incident response capabilities to the customer's defensive and offensive security posture. Responsibilities include but are not limited to the following objectives and functional areas;

• Lead a team of cyber professionals responsible for infusing collaboration, security meta-data and threat intelligence into operational workflows laterally across all technical service functions

• Understand, direct, and implement key technical strategies which blend the security telemetry fabric with the IT service fabric to unify event pattern recognition, analysis, triage and response

• collection and curation of relevant Cyber Threat Intelligence (CTI) of the enterprise threat profile and known/expected adversaries goals, objective, tactics and techniques

• integration and correlation of CTI within the SIEM platform and SOC alerting; shape and convert known attack vectors into defensive protocols

• Design, implement and manage a threat hunting program to achieve proactive and predictive threat pattern recognition and correlated SOC alerts

• play a key role in influencing and curating relevant adversarial threat alerts for production monitoring in the SOC

• serve as the technical and/or operational pivot point to orchestrate rapid, open, peer-to-peer collaboration to "get things done"

• create and foster a culture of rapidly crowdsourcing and crowdsolving the customer's most complex operational and incident events

• infuse the agile mindset across cyber functional areas to deliver proactive, adaptive and extensible cyber services to peer teammates, contractors and customer leadership and staff

Basic Qualifications

• Previous experience leading and managing a team of 5+ staff responsible for synergizing disparate tools, teams and functions into a cohesive, collaborative service elevating all security services functions across technical and leadership teams

• Serve as the technical Subject Matter Expert (SME) in leading a team of staff in the design, implementation, integration and operational support of cyber security layers delivering cyber fusion capabilities

• Knowledge and experience evaluating, advising and

• Directs multiple contractor and subcontractors teams through to project completion

• BA/BS and 12 - 15 years of prior relevant experience or Masters with 10 - 13 years of prior relevant experience

Security Clearance

• TS/SCI clearance and polygraph is required to be considered.

• US Citizenship is required due to the nature of the government contracts we support.

Certifications

• DoD 8570 compliance or information assurance certification commensurate with technical objectives and services required within the task order. Applicable software or hardware training and certifications commensurate with the technical objectives, services required, and IT environment specified within the task order

• GCIH, CISSP, CCISO, CISA, SANS MGT551 Leading SOCs

Preferred Qualifications:

• Multi-disciplined technical and management experience and leadership across various cyber domains; SOC, Cyber Threat Intel, Detection, Defense, and Countermeasure functions

• Skilled motivator, collaborator and communicator spanning both executive leadership and technical teams

• Dynamic leader removing operational, agency and peer team barriers to achieve and deliver cross-functional and collaborative cyber services

• Experience designing, implementing and championing frictionless cyber security delivery aligned to customer requirements