Department of Homeland Security (DHS), Customs and Border Protection (CBP) Security Operations Center (SOC) is a US Government program responsible to prevent, identify, contain and eradicate cyber threats to CBP networks through monitoring, intrusion detection and protective security services to CBP information systems including local area networks/wide area networks (LAN/WAN), commercial Internet connection, public facing websites, wireless, mobile/cellular, cloud, security devices, servers and workstations. The CBP SOC is responsible for the overall security of CBP Enterprise-wide information systems, and collects, investigates, and reports any suspected and confirmed

security violations.

Primary Responsibilities

• Conduct risk assessment of CBP systems including data gathering, research, and coordination.

• Analyze of control applicability and implementation statuses for enterprise risk assessments.

• Integrate the NIST Cybersecurity Framework (CSF) in NIST 800-53 controls analysis.

• Conduct analysis on the effectiveness of POA&M management when conducting risk assessments.

• Analyze MITRE Tactics and Techniques for CBP’s CTI Threat Actors and additional threat actors targeting system.

• Prioritize system assets based on impact levels.

• Identify Response activities, including Contingency Plan, data backups, alternate processing sites, etc.

• Prioritize recommendations to mitigate risk levels.

• Apply knowledge of the Risk Management Framework (RMF) and the System Development Life Cycle (SDLC) to daily activities.

• Analyze SSPs, Risk Assessment Reports or security related documentation.

• Formulate security compliance requirements for systems.

• Identify security issues when reviewing security documents.

• Utilize CBP’s intelligence/security tools to capture data points for Risk Assessments: o Axonius, CrowdStrike, Swimlane, CSAM, Splunk, ARM (Active Risk Manager), Digital Guardian, Recorded Future.

• Support CBP Component - Cybersecurity Acquisition Risk Management (C-CARM) in establishing an effective security infrastructure by ensuring CBP program cybersecurity threats and risks are identified, assessed, and documented throughout the acquisition lifecycle.

• Monitor Body of Evidence (BoE) for each Acquisition Decision Event (ADE) and actively communicate concerns to promote programs milestone success.

• Organize and secure program BoE by regulation of Teams channel.

• Communicate between Programs and cybersecurity risk assessment functionaries.

• Support C-CARM in guiding programs on the methodology and sequence for consistent and concise Threat Assessment.

• Ensure the C-CARM SOP is up-to-date and consistent with current processes.

• Create various PowerPoint Presentation briefs for the respective Gov’t leads.

Basic Qualifications

• All Department of Homeland Security CBP SOC employees are required to favorably pass a 5-year (BI) Background Investigation.

• Bachelors’ degree in Computer Science, Engineering, Information Technology, Cyber Security, or related field and 4 to 8 years of related experience. Additional years of experience and cyber certifications may be considered in lieu of degree.

• Familiar with the management, operational, and technical aspects of IT Security in a complex enterprise environment.

Preferred Qualifications

• Experience in reviewing results from Operating system, application and Database scans.

• Experience in vulnerability reviewing, analysis and management.

• Preferred certifications: CAP, CISM, CISSP, CISA, CASP, CEH, GCED, CRISC, Sec +

Original Posting Date:

2025-01-17

While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.

Pay Range:

Pay Range $104,650.00 - $189,175.00

The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.