Senior Cybersecurity Analyst
Leidos Inc, Lorton, VA, United States
Description
The Defense Sector at Leidos is looking for a Senior Cybersecurity Analyst to support a fast‑paced program with Air Force Life Cycle Management Center. The Senior Cybersecurity Analyst will provide comprehensive Security Operations Center (SOC) support to a weapons system program with the Air Force. This role is a critical member of the 24x7 security and network operations center team, ensuring the security and integrity of program IT infrastructure, protecting sensitive data, and mitigating cyber threats. The ideal candidate will have a strong technical background in cybersecurity principles, tools, and best practices.
100% on‑site work with no remote work supported. This role will support 24x7 operations and requires shift rotations on a regular basis, with some flexibility based on program requirements and preference.
Primary Responsibilities
Provide SOC and Incident Response support, including coordination, execution, and implementation of all actions required for the containment, eradication, and recovery measures for events and incidents.
Monitor and reply to events and alerts from the SIEM, monitoring tools, and other network tools.
Investigate events of interest and escalating to senior NOC / SOC members.
Drive incidents from discovery to closure and reporting, with comprehension of escalation procedures and criteria.
Categorize incidents and partner with appropriate authorities in the production of security incident reports.
Build timelines, documents, briefings, and other products as required to inform stakeholders of incident response actions, analysis, and the impact of both the incident and remediation actions taken.
While not in a period of incident response, you will conduct exercises and dry runs to improve response outcomes in the event of a cyber‑incident.
Integrate with Information Assurance (IA) team to support policy updates and continuous monitoring activities in support of Authorization to Operate (ATO) maintenance.
Provide enterprise recommendations to remediate environment‑wide issues, support continuous process improvement, and report analysis.
Investigate compromised endpoints, identifying indicators of compromise (IOC) within the environment and conveying to stakeholders the impact of discovered events.
Basic Qualifications
US Citizen with at least a Top Secret clearance and the ability to obtain a SCI prior to your start date, and maintain clearance during employment.
Bachelor's Degree with 8+ years of experience or Master's degree with 6+ years of experience; additional experience may be considered in lieu of a degree.
Must have an active DoD IAT Level II certification prior to start (e.g., Sec+, CISSP).
Incident Response experience.
Knowledge of MITRE ATT&CK principles.
Systems administration experience – desktop and server systems connected to local and wide area networks.
Knowledge Management skills to follow and create documentation.
Experience with Splunk, ACAS, ESS.
Excellent problem‑solving and troubleshooting skills.
Motivated self‑starter with strong written and verbal communication skills for collaborating with technical and non‑technical stakeholders, and the ability to create complex technical reports on analytic findings.
Preferred Qualifications
Working knowledge of cloud security and related tools for incident response.
Experience securing classified DoD networks, such as networks connected to SIPR or JWICS.
Knowledge of cloud‑native security information and event management (SIEM) tools.
Knowledge of cloud‑native endpoint security tools.
Experience with Agile framework and DevSecOps.
Familiarity with incident response processes and tools.
Experience with scripting or automation tools for security tasks.
Ability to work in a dynamic environment and adapt to changing priorities.
Experience using and interpreting vulnerability assessment or scanning tools such as Nessus.
Pay Range $107,900.00 – $195,050.00
Pay and Benefits Pay and benefits are fundamental to any career decision. Employment benefits include competitive compensation, Health and Wellness programs, Income Protection, Paid Leave, and Retirement. More details are available at www.leidos.com/careers/pay-benefits.
Commitment to Non-Discrimination All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law. Leidos will also consider for employment qualified applicants with criminal histories consistent with relevant laws.
#J-18808-Ljbffr
100% on‑site work with no remote work supported. This role will support 24x7 operations and requires shift rotations on a regular basis, with some flexibility based on program requirements and preference.
Primary Responsibilities
Provide SOC and Incident Response support, including coordination, execution, and implementation of all actions required for the containment, eradication, and recovery measures for events and incidents.
Monitor and reply to events and alerts from the SIEM, monitoring tools, and other network tools.
Investigate events of interest and escalating to senior NOC / SOC members.
Drive incidents from discovery to closure and reporting, with comprehension of escalation procedures and criteria.
Categorize incidents and partner with appropriate authorities in the production of security incident reports.
Build timelines, documents, briefings, and other products as required to inform stakeholders of incident response actions, analysis, and the impact of both the incident and remediation actions taken.
While not in a period of incident response, you will conduct exercises and dry runs to improve response outcomes in the event of a cyber‑incident.
Integrate with Information Assurance (IA) team to support policy updates and continuous monitoring activities in support of Authorization to Operate (ATO) maintenance.
Provide enterprise recommendations to remediate environment‑wide issues, support continuous process improvement, and report analysis.
Investigate compromised endpoints, identifying indicators of compromise (IOC) within the environment and conveying to stakeholders the impact of discovered events.
Basic Qualifications
US Citizen with at least a Top Secret clearance and the ability to obtain a SCI prior to your start date, and maintain clearance during employment.
Bachelor's Degree with 8+ years of experience or Master's degree with 6+ years of experience; additional experience may be considered in lieu of a degree.
Must have an active DoD IAT Level II certification prior to start (e.g., Sec+, CISSP).
Incident Response experience.
Knowledge of MITRE ATT&CK principles.
Systems administration experience – desktop and server systems connected to local and wide area networks.
Knowledge Management skills to follow and create documentation.
Experience with Splunk, ACAS, ESS.
Excellent problem‑solving and troubleshooting skills.
Motivated self‑starter with strong written and verbal communication skills for collaborating with technical and non‑technical stakeholders, and the ability to create complex technical reports on analytic findings.
Preferred Qualifications
Working knowledge of cloud security and related tools for incident response.
Experience securing classified DoD networks, such as networks connected to SIPR or JWICS.
Knowledge of cloud‑native security information and event management (SIEM) tools.
Knowledge of cloud‑native endpoint security tools.
Experience with Agile framework and DevSecOps.
Familiarity with incident response processes and tools.
Experience with scripting or automation tools for security tasks.
Ability to work in a dynamic environment and adapt to changing priorities.
Experience using and interpreting vulnerability assessment or scanning tools such as Nessus.
Pay Range $107,900.00 – $195,050.00
Pay and Benefits Pay and benefits are fundamental to any career decision. Employment benefits include competitive compensation, Health and Wellness programs, Income Protection, Paid Leave, and Retirement. More details are available at www.leidos.com/careers/pay-benefits.
Commitment to Non-Discrimination All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law. Leidos will also consider for employment qualified applicants with criminal histories consistent with relevant laws.
#J-18808-Ljbffr