DCO Counter-Measures Engineer
Leidos · Hill Air Force Base, Utah, United States · 2 mo ago
HybridInformation Technology$108k–$195k/yrFull-time
About the role
This position supports the GSM-O II program, providing network operations and cyber defense support to the Defense Information Systems Agency (DISA) for the DoD and COCOMs. The role can be based at Scott AFB, IL; Hill AFB, UT; or Columbus, OH, with partial/hybrid telework allowed.
Responsibilities
- Author and deploy novel countermeasures to eliminate threats and illuminate their activities.
- Audit the effectiveness of countermeasures and adjust actions as necessary.
- Design and develop solutions for automated cybersecurity services, including agile development and maintenance of automation scripts/tools.
- Create custom integrations, data correlation strategies, and processing methods to reduce cybersecurity risks and serve as a Subject Matter Expert for the automation team.
- Maintain situational awareness of cyber activity by reviewing DoD, Intelligence Community, and open-source reports for new vulnerabilities, malware, or threats impacting the DoDIN.
Requirements
- Active DoD Secret clearance.
- Bachelor's degree in a related field with 8+ years of applicable experience; additional years of experience accepted in lieu of a degree.
- Intermediate-level compliance certification (Security+, PenTest+, CySA+, GSEC, GMON).
- Proficiency in programming in at least one modern language (Java, Python, Ruby, C++).
- Experience with DISA and DoD networks.
- Experience countering APTs or emergent threats to DOD networks.
- Advanced understanding of TCP/IP, networking ports and protocols, traffic flow, system administration, OSI model, defense-in-depth, and common security elements.
- Understanding of the life cycle of network threats, attacks, attack vectors, and methods of exploitation with knowledge of intrusion set tactics, techniques, and procedures (TTPs).
- UNIX administrative skills.
Qualifications
- Must have an active DoD Secret clearance.
- Basic Qualifications: Bachelor's degree in a related discipline with 8+ years of applicable experience; additional years of experience accepted in lieu of a degree.
- Intermediate-level compliance, to include one of the following certifications: Security+, PenTest+, CySA+, GSEC, or GMON.
- Proficiency in programming in at least one modern language (Java, Python, Ruby, C++).
- Custom malware detection development experience.
- Advance understanding of TCP/IP, networking ports and protocols, traffic flow, system administration, OSI model, defense-in-depth and common security elements.
- Understand the life cycle of network threats, attacks, attack vectors and methods of exploitation with an understanding of intrusion set tactics, techniques and procedures (TTPs).
- UNIX Administrative skills.
Skills
- Experience with DISA and DoD Networks.
- Experience countering APTs or emergent threats to DOD networks.
- Skilled in developing extended cyber security analytics.
- Experience in developing and supporting a development environment.
- Experience automating tasks via Bash, Python, PowerShell, or other scripting tools.
- Experience in Linux and Windows-based systems administration in a cloud or virtualized environment.
- Experience with API development and integration.
- Experience with Git, Sigma, Yara, Snort, and Suricata.
- Experience with Detection-as-a-Code Principles.
- Experience with malware analysis concepts and methods.
- Advanced Certifications such as GREM, OSCP, CISSP, or CASP.
Benefits
The company offers a comprehensive benefits package including competitive compensation, Health and Wellness programs, Income Protection, Paid Leave, and Retirement.
Pay
The pay range for this position is $107,900.00 - $195,050.00.
Schedule
The schedule for this role is flexible, allowing for partial/hybrid telework while requiring a consistent on-site presence.