
Cyber Security Metrics Analyst

Expired Job

Leidos Washington, DC 20319

Posted 3 months ago


Department of Homeland Security (DHS), Security Operations Center (SOC) Support Services is a US Government program responsible for monitoring, detecting, analyzing, mitigating, and responding to cyber threats and adversarial activity on the DHS Enterprise. The DHS SOC has primary responsibility for monitoring and responding to security events and incidents detected at the Trusted Internet Connection (TIC) and Policy Enforcement Point (PEP) and is responsible for directing and coordinating detection and response activities performed by each Component SOC. Direction and coordination are achieved through a new shared DHS incident tracking system and other means of coordination and communication.


The Security Operations Center (SOC) Metrics Analyst Mid-Level will work directly with the SOC Metrics Team Lead and the customer to ensure that effective, measurable Cyber metrics are collected, analyzed, and presented on both an ad hoc and a continual basis using the existing infrastructure. The candidate will be responsible for implementing the SOC metrics program to ensure the metrics collected are impactful, and will assist in driving sound management decisions. The candidate must have a strong background as a Sr. Cybersecurity Analyst supporting 24x7 operations with experience in data security technologies, incident response, forensics, digital media analysis, and process improvement. The candidate should be familiar with the Cyber Kill Chain methodology and how to correctly measure its effectiveness.

Primary Responsibilities:

  • Propose SOC metrics for government approval.

  • Develop a set of SOC metrics that indicate ESOC and Enterprise SOC staff awareness of the Kill Chain methodology.

  • Develop Implementation Metrics that demonstrate enterprise SOCs are actively using Kill Chain methodology.

  • Develop effectiveness and efficiency SOC metrics

  • Develop Impact Metrics demonstrating the maturity of enterprise SOCs

  • Develop a metrics scorecard to display the level of effectiveness of enterprise SOCs

  • Build dashboards using the ESOC infrastructure to support on-demand metrics representation






The candidate must currently possess or be able to obtain a DHS EOD and be eligible for Top Secret/SCI. Familiar with the management, operational, and technical aspects of IT Security in a complex enterprise environment. Experience operating as a Sr. Analyst in a 24x7 security operations center (SOC) in the areas of Digital Media Analysis, Forensics, Incident Response, or malware reverse engineering.

BS in IT related field or higher and 3+ years' experience in Digital Media Analysis, Forensics, Incident Response, malware reverse engineering, or cyber intelligence.

Skills in: SQL and Tableau, Excel and Microsoft Suite.

Experience with Business Intelligence (BI), Visualization, and Reporting tools, such as PowerBI, Tableau, and/or Qlik.

Familiarity with maintaining, integrating, and preparing complex and/or large datasets for analysis.


  • Familiarity with Splunk and its dashboard capabilities

  • Familiarity with Cyber Kill Chain methodology

Leidos is a global science and technology solutions leader working to solve the world's toughest challenges in the defense, intelligence, homeland security, civil, and health markets. The company's 33,000 employees support vital missions for government and commercial customers. Headquartered in Reston, Virginia, Leidos reported pro forma annual revenues of approximately $10 billion for the fiscal year ended January 1, 2016 after giving effect to the recently completed combination of Leidos with Lockheed Martin's Information Systems & Global Solutions business (IS&GS). For more information, visit The company's diverse employees support vital missions for government and commercial customers. Qualified women, minorities, individuals with disabilities and protected veterans are encouraged to apply. Leidos will consider qualified applicants with criminal histories for employment in accordance with relevant Laws. Leidos is an Equal Opportunity Employer.


Similar Jobs

Cyber Security Analyst (IR Monitoring & Handling) 3rd Shift Tues-Sat

Salient CRGT

Posted 1 week ago

Company/Position Overview

Salient CRGT seeks a Cyber Security Analyst for one of our leading customers: Veterans Affairs. The successful candidate must be well-versed in security operations, cyber security tools, intrusion detection, and secured networks. He/she will serve as an expert and be responsible for providing network and security operations technical analysis, assessment and recommendations in the areas of real-time security situational awareness, operational network system and applications systems security monitoring.

In this role, responsibilities include:

  • Monitoring various security tools (e.g., Splunk, Palo Alto Networks, SourceFire, Cisco ASA) to identify potential incidents, network intrusions, and malware events, etc. to ensure confidentiality, integrity, and availability of VA architecture and information systems are protected

  • Reviewing and analyzing log files to report any unusual or suspect activities

  • Utilizing incident response use-case workflows to follow established and repeatable processes for triaging and escalating

  • Generating trouble tickets and performing initial validation and triage to determine whether incidents are security events using open source intelligence (OSINT)

  • Following established incident response procedures to ensure proper escalation, analysis and resolution of security incidents

  • Reporting incidents to US CERT and providing detailed information for use in after action reports

  • Analyzing and correlating incident event data to develop preliminary root cause and corresponding remediation strategy

  • Providing technical support for new detection capabilities, recommendations to improve upon existing tools/capabilities to protect the VA network, and assessments for High Value Assets

  • Supporting on-site during one of the following shift times:

      o 6AM – 2:30PM

      o 2:00PM – 10:30PM

      o 10PM – 6:30AM

Mandatory Qualifications (Education, Certifications, Experience, Skills)

Education: Bachelor's degree in computer science, electronics engineering or other engineering or technical discipline; 8 additional years of relevant experience may be substituted for education.

Experience: 10 years of related experience.

PWS Specified Certifications: Must have at least one of the following certifications (or the ability to obtain one of the certifications within 90 days of hire): GIAC Certified Intrusion Analyst; GIAC Certified Incident Handler (GCIH) or Certified Ethical Hacker (CEH).

Background Investigation: Must be able to pass and maintain a Government Background Investigation. U.S. citizenship is also required by law, regulation, executive order, or government contract for this particular position.

Desired Qualifications (Education, Certifications, Experience, Skills)

Salient CRGT is a leading provider of health, data analytics, cloud, agile software development, mobility, cyber security, and infrastructure solutions. We support these core capabilities with full lifecycle IT services and training to help our customers meet critical goals for pivotal missions. We are purpose-built for IT transformation supporting federal civilian, defense, homeland, and intelligence agencies, as well as Fortune 1000 companies.

If you feel you are qualified for this position, express interest by clicking the Apply button below (if you are viewing this position on the Salient CRGT website). If you are viewing this job posting outside of the Salient CRGT website, please visit: to express interest in this position through the Salient CRGT Careers page.

Salient CRGT is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, national origin, age, sex, sexual orientation, gender identity or expression, veteran status, disability, genetic information, or any other factor prohibited by applicable anti-discrimination laws.

Salient CRGT Washington DC
