Defensive Cyber Operations Analyst
Company: Leidos
Location: Washington
Posted on: April 3, 2026
Job Description:
The Leidos Digital Modernization sector is seeking Defensive
Cyber Operations Analysts to support a Defensive Cyber Operations
(DCO) team in Washington, DC. Our team provides mission critical,
24/7 operational support to the customer’s mission of protecting
federal networked systems and services from cyber threats impacting
national security. We hire for these roles on an ongoing basis and
our recruiting team will contact applicants as positions become
available.

This is a hybrid position with the potential for up to 20% Telework.
Shifts include Days, Swings and Mids. Shift availability will vary
based on program needs and staffing levels. All new hires’ initial
4-6 weeks will be spent on weekday Day Shift to complete onboarding,
training and familiarization. Applicants must remain flexible to
potential shift modifications to assist in meeting minimum staffing
requirements.

PRIMARY RESPONSIBILITIES:
Incident Detection & Characterization: Perform computer network
incident detection and response activities to detect, correlate,
identify, and characterize anomalous activity indicative of
enterprise threats.

Continuous Security Monitoring: Monitor various security tools and
applications for malicious activities, investigate associated alerts
or indicators, and develop mitigation strategies and courses of
action.

Operational Rigor: Follow Standard Operating Procedures (SOPs) with
strong attention to detail, ensuring all system checks are performed
timely and all documentation is complete and accurate.

Technical Leadership & Influence: Work to influence project/team
leaders regarding solution design and process approaches; review
investigations and reports of peers to ensure accuracy and clarity.

Senior-Level Briefing: Develop and conduct technical briefings to
senior management, translating complex security events into
actionable business or mission intelligence.

Detailed Documentation: Maintain high-quality technical writing
standards, documenting every event and associated analysis within
the ticketing system for audit and follow-on action.

Collaborative Coordination: Exercise excellent communication skills
for regular face-to-face customer interaction and high-tempo
coordination between team members in a collocated environment.

Adaptive Defense: Support the CSSP in providing detect, response,
mitigation, and recovery capabilities by monitoring
network/host/application security devices.

BASIC QUALIFICATIONS:
All positions require a Bachelor's Degree in a
related discipline as well as professional, directly relevant
experience depending on job level (Level II: 2 years of experience,
Level III: 4 years of experience, Level IV: 8 years of experience).
Additional years of professional and/or military experience may be
substituted in lieu of degree.

DoD 8570 IAT Level II/III: Must hold an IAT Level II or higher
certification (or obtain within 180 days). (e.g., CompTIA Security,
CySA, GSEC, SSCP) or (CASP CE, CCNP Security, CISA, GCED, and GCIH).

DoD 8570 CSSP Analyst: Must hold a CSSP Analyst certification (or
obtain within 180 days). (e.g., CompTIA CySA, Cloud, GIAC GCIA).

DoD 8570 CSSP Infrastructure Support: Must hold a CSSP
Infrastructure Support certification (or obtain within 180 days).
(e.g., CompTIA CySA, Cloud, EC-Council CEH, CND, CHFI, GIAC GICSP,
and ISC2 SSCP).

Technical Proficiency: Strong computing system knowledge,
particularly networking, including communication protocols and
familiarity with common security elements such as IDS/IPS and
firewalls.

Data Analysis: Direct experience evaluating packet captures (PCAP)
and logs to identify malicious traffic and verify security events.

Security Clearance: Current DoD TS/SCI security clearance and
ability to pass additional customer suitability screenings prior to
start and maintain throughout employment.

PREFERRED SKILLS:
SOC Excellence:
Prior experience working in a Cyber Network Defense (CND) or
Security Operations Center (SOC) environment.

Framework Expertise: Demonstrated familiarity with security
frameworks such as the Lockheed Martin Cyber Kill Chain and MITRE
ATT&CK.

Intrusion Analysis: Specialized experience in the monitoring of
intrusion detection appliances and the analysis of complex,
multi-stage alerts.

Response Recommendation: Proven track record of documenting
technical analysis and providing defensive response recommendations
to senior stakeholders.

Platform Familiarity: Experience working with SIEM platforms
(Splunk, Elastic, or similar) to perform data correlation and search
queries.

If you're looking for comfort,
keep scrolling. At Leidos, we outthink, outbuild, and outpace the
status quo — because the mission demands it. We're not hiring
followers. We're recruiting the ones who disrupt, provoke, and
refuse to fail. Step 10 is ancient history. We're already at step
30 — and moving faster than anyone else dares.

Original Posting: March 12, 2026

For U.S. Positions: While subject to change based on business needs,
Leidos reasonably anticipates that this job requisition will remain
open for at least 3 days with an anticipated close date of no
earlier than 3 days after the original posting date as listed above.

Pay Range: $87,100.00 - $157,450.00

The Leidos pay range for this job level is a general
guideline only and not a guarantee of compensation or salary.
Additional factors considered in extending an offer include (but
are not limited to) responsibilities of the job, education,
experience, knowledge, skills, and abilities, as well as internal
equity, alignment with market data, applicable bargaining agreement
(if any), or other law.

Keywords: Leidos, Annandale, Defensive Cyber Operations Analyst, IT / Software / Systems, Washington, Virginia