Cyber Intrusion AnalystLeidos
Description
The Defense Sector at Leidos currently has an opening for a Cyber Intrusion Analyst with a active SECRET clearance!
Primary Responsibilities.
- Leadership & Team Development
- Member of the IMCOM HHA team, ensuring compliance with Army quality and regulatory standards.
- Provide hands-on leadership to the IMCOM HHA team, mentoring and developing inspectors to ensure efficient operational support and continuous improvement.
- Perform computer network inspections to mitigate / prevent incident detection, and response activities to detect, correlate, identify and characterize anomalous activity that may be indicative of threats to the enterprise.
- Monitor various security tools and applications for possible malicious activities, investigate any associated alerts or indicators, and develop recommendations for a course of action, including mitigation strategies as necessary.
- Conduct analysis of low-level (“low and slow”) events to identify unauthorized activity utilizing exploratory problem-solving or self-learning techniques.
- Conduct event triage and analysis, which can result in network traffic validations or a Mission Partner’s incident report.
- Utilize formal monitoring policies and procedures that include the appropriate use of DoD-approved network monitoring and traffic analysis tools to assist with identifying suspicious, anomalous, or overtly malicious network traffic on a 24/7/365 basis.
- Review and analyze available logs in a timely manner to detect intruders and notify Mission Partners of activity through a formal reporting process/pending an incident report.
- Apply, develop, tune, and distribute or optimize new and existing countermeasures or guidance to prevent or mitigate potential cyber event impacts when possible.
- Perform network traffic analysis utilizing raw packet data, net flow, IDS, IPS and custom sensor output, as it pertains to the cyber security of communications networks.
- Understand attack signatures, tactics, techniques, and procedures associated with advanced threats.
- Requires good technical writing skills as each event, including the associated analysis, are documented in a ticketing system for review and action.
- Requires excellent communication skills as we are collocated with our customer and regular face-to-face interaction is necessary throughout the day, as well as significant coordination and communication between team members.
Basic Qualifications.
- Ability to obtain Secret Clearance. Ability to achieve TS/SCI clearance level
- Bachelor's, additional relevant work experience and/or military service may be considered in lieu of degree
- Networking: TCP/IP Fundamentals, Network Traffic Analysis, Wireshark, Cisco Packet Tracer
- Programming: Python, Java, JavaScript, HTML
- Systems: Linux, Operating Systems Concepts, Computer Architecture, MySQL
- Security & Analysis: Security Monitoring, Threat Detection Concepts, SIEM Concepts, Risk Mitigation, NIST Framework Concepts
- Experience working with DoW / Government.
- Strong computing system knowledge, particularly networking, including a knowledge of communication protocols and familiarity with common computing security elements such as IDS/IPS systems and firewalls.
Preferred Qualifications.
- Active DOW Secret Clearance.
- CompTIA Security+, TCP/IP networking, Linux systems, Cisco Packet Tracer, Wireshark
- Familiarity with Military Regulations and security compliance procedures
- Experience with both CONUS and OCONUS threat environments to Department of War facilities.
- Command Line Scripting skills (PERL, python, shell scripting) to automate analysis task.
- Knowledge of hacker tactics, techniques and procedures (TTP).
- Familiarity with computing security frameworks such as MITRE ATT&CK and Cyber Kill Chain.
- Monitoring of intrusion detection and computer defense appliances (Splunk, Elastic), applications, and analysis of associated alerts.
- Knowledge of advanced threat actor tactics, techniques, and procedures (TTP)
- Understanding of software exploits.
If you're looking for comfort, keep scrolling. At Leidos, we outthink, outbuild, and outpace the status quo — because the mission demands it. We're not hiring followers. We're recruiting the ones who disrupt, provoke, and refuse to fail. Step 10 is ancient history. We're already at step 30 — and moving faster than anyone else dares.
Original Posting:
July 6, 2026For U.S. Positions: While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.
