Defensive Cyber Operations Analyst

Description The Leidos Digital Modernization sector is seeking Defensive Cyber Operations Analysts to support a Defensive Cyber Operations (DCO) team in Washington, DC. Our team provides mission critical, 24/7 operational support to protect federal networked systems and services from cyber threats impacting national security. We hire for these roles on an ongoing basis and our recruiting team will contact applicants as positions become available. This is a hybrid position with the potential for up to 20% Telework. Shifts include Days, Swings and Mids. All new hires’ initial 4-6 weeks will be spent on weekday Day Shift to complete onboarding, training and familiarization. Applicants must remain flexible to potential shift modifications to assist in meeting minimum staffing requirements. Primary Responsibilities Incident Detection & Characterization: Perform computer network incident detection and response activities to detect, correlate, identify, and characterize anomalous activity indicative of enterprise threats. Continuous Security Monitoring: Monitor various security tools and applications for malicious activities, investigate associated alerts or indicators, and develop mitigation strategies and courses of action. Operational Rigor: Follow Standard Operating Procedures (SOPs) with strong attention to detail, ensuring all system checks are performed timely and all documentation is complete and accurate. Technical Leadership & Influence: Work to influence project/team leaders regarding solution design and process approaches; review investigations and reports of peers to ensure accuracy and clarity. Senior-Level Briefing: Develop and conduct technical briefings to senior management, translating complex security events into actionable business or mission intelligence. Detailed Documentation: Maintain high-quality technical writing standards, documenting every event and associated analysis within the ticketing system for audit and follow-on action. Collaborative Coordination: Exercise excellent communication skills for regular face-to-face customer interaction and high-tempo coordination between team members in a collocated environment. Adaptive Defense: Support the CSSP in providing detect, response, mitigation, and recovery capabilities by monitoring network/host/application security devices. Basic Qualifications All positions require a Bachelor's Degree in a related discipline as well as professional, directly relevant experience depending on job level (Level II: 2+ years; Level III: 4+ years; Level IV: 8+ years). Additional years of professional and/or military experience may be substituted in lieu of degree. DoD 8570 IAT Level II/III: Must hold an IAT Level II or higher certification (or obtain within 180 days). (e.g., CompTIA Security+, CySA+, GSEC, SSCP) or (CASP+ CE, CCNP Security, CISA, GCED, and GCIH). DoD 8570 CSSP Analyst: Must hold a CSSP Analyst certification (or obtain within 180 days). (e.g., CompTIA CySA+, Cloud+, GIAC GCIA). DoD 8570 CSSP Infrastructure Support: Must hold a CSSP Infrastructure Support certification (or obtain within 180 days). (e.g., CompTIA CySA+, Cloud+, EC-Council CEH, CND, CHFI, GIAC GICSP, ISC2 SSCP). Technical Proficiency: Strong computing system knowledge, particularly networking, including communication protocols and familiarity with common security elements such as IDS/IPS and firewalls. Data Analysis: Direct experience evaluating packet captures (PCAP) and logs to identify malicious traffic and verify security events. Security Clearance: Current DoD TS/SCI security clearance and ability to pass additional customer suitability screenings prior to start and maintain throughout employment. Preferred Skills SOC Excellence: Prior experience working in a Cyber Network Defense (CND) or Security Operations Center (SOC) environment. Framework Expertise: Demonstrated familiarity with security frameworks such as the Lockheed Martin Cyber Kill Chain and MITRE ATT&CK. Intrusion Analysis: Specialized experience in the monitoring of intrusion detection appliances and the analysis of complex, multi-stage alerts. Response Recommendation: Proven track record of documenting technical analysis and providing defensive response recommendations to senior stakeholders. Platform Familiarity: Experience working with SIEM platforms (Splunk, Elastic, or similar) to perform data correlation and search queries. Pay and Benefits Pay Range: $87,100.00 - $157,450.00 The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include responsibilities, education, experience, knowledge, skills, and abilities, as well as internal equity and applicable law. About Leidos Leidos is an industry and technology leader serving government and commercial customers with smarter, more efficient digital and mission innovations. Headquartered in Reston, Virginia, with 47,000 global employees, Leidos reported annual revenues of approximately $16.7 billion for the fiscal year ended January 3, 2025. For more information, visit Security and Compliance Securing Your Data: Leidos will never ask for payment-related information during the employment application process. If you receive a suspicious email, contact View email address on click.appcast.io. Commitment to Non-Discrimination: All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, disability, pregnancy, family structure, marital status, ancestry, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law. Leidos will also consider qualified applicants with criminal histories consistent with relevant laws. #J-18808-Ljbffr Leidos