Cyber Defense Analyst

About the Role

The CSIRT team is part of Leidos' Corporate Information Security Office and reports through the Digital Modernization sector. The company is committed to providing a supportive and collaborative environment, and is looking for a candidate who is passionate about cybersecurity and eager to make a real impact.

Leidos is a global company with over 50,000 employees, providing defense, intelligence, and health products to customers around the world. As a Cyber Defense Analyst, you will be working on the front lines of cybersecurity, using the latest technical advancements and custom-built cybersecurity capabilities to protect the company's global networks.

What You Will Do

• Analyze network and host activity associated with both successful and unsuccessful intrusions by advanced attackers
• Perform network traffic analysis utilizing raw packet data, net flow, IDS, and custom sensor output
• Support enterprise incident response efforts
• Leverage understanding of tactics, techniques, and procedures associated with advanced threats to create and add custom signatures that mitigate highly dynamic threats to the enterprise
• Employ advanced forensic tools and techniques for attack reconstruction and intelligence gathering
• Proactively research emerging cyber threats
• Apply analytical understanding of attacker methodologies and tactics, system vulnerabilities, and key indicators of attacks and exploits
• Contribute to threat intelligence reports and briefings that provide situational awareness of cyber threats impacting the company's global network infrastructure
• Participate in threat hunt operations using known adversary tactics, techniques, and procedures, as well as indicators of attack, in order to detect advanced threats to the enterprise
• Collaborate using information and knowledge sharing networks and professional relationships to achieve common goals
• Provide on-call support for incident response efforts outside of core hours as needed

What We Are Looking For

• BS Degree and 4-8 years relevant experience in cybersecurity or network defense
• Experience with Splunk or other SIEM-type platform
• Experience in conventional network/host-based intrusion analysis, digital forensics, or malware analysis
• Experience performing "deep dive" analysis and correlation of log data from multiple sources including PCAP and forensic artifacts
• Experience leading and contributing to incident response activities
• Strong understanding of Operating Systems and Network Protocols
• Proficiency in relevant certifications (CISSP, SANS GIAC, CEH, etc.)
• US Citizenship and eligibility to obtain DoD Clearance as required

Nice to Have

• Experience with custom-built cybersecurity capabilities
• Knowledge of emerging cyber threats and trends
• Experience working in a collaborative and fast-paced environment

Benefits and Perks

• Opportunity to work remotely from any US-based location
• Collaborative and supportive work environment
• Professional development opportunities through training and conferences
• Access to the latest technical advancements and custom-built cybersecurity capabilities
• Competitive salary and benefits package
• Opportunity to work on the front lines of cybersecurity and make a real impact on the company's global networks

• Make sure to highlight your experience with Splunk and threat hunting in your application
• Be prepared to demonstrate your understanding of tactics, techniques, and procedures associated with advanced threats
• Show examples of your ability to work collaboratively and provide insights to support incident response efforts
• Research Leidos' company culture and values to show your passion for the role and the company
• Prepare to discuss your experience with relevant certifications and your ability to obtain DoD Clearance
• Don't be afraid to ask about opportunities for professional development and growth within the company