To our valued Leidos candidates:

Coronavirus is on everyone's mind with the effects being felt around the world. The markets are volatile, and we're all concerned for the health and safety of our families, friends, and colleagues. Please know that we're taking all necessary measures to safeguard our employees, customers and the communities in which we live, including following all recommended best practices around social distancing.

With that in mind, in an abundance of caution, we are canceling all face to face career events, such as job fairs and open house events. In the coming days and weeks, we will be hosting career events virtually, using our online chat tools so that we may continue our hiring practice safely and securely. You can find available virtual career events at

We are using telephone meetings and online chats via Brazen to conduct interviews and hiring discussions, and we are offering options for video interviews so that you can have a virtual face to face meeting with your potential new leader. We do not conduct interviews or extend offers via text or chat based social media, such as WhatsApp or MySpace.

Leidos will never ask you to provide payment-related information at any part of the employment application process, nor will Leidos ever advance money as part of the hiring process. And Leidos will communicate with you only through emails that are generated by automated system. If you receive an email purporting to be from Leidos that asks for payment-related information or any other personal information, please report the email to Chris Scalia, Leidos’ Senior Vice President of Talent Acquisition, at [email protected].

As a company, as a country, as a world, we have confronted challenging moments before. We are confident that, guided by our values and the strength of our community as well as the commitment we have to the important work we do each day, we will find our way through this time together. We will do this with the care and concern for one another and the common good that defines. Please keep those impacted by the virus in your thoughts.

Close Window
Join our talent network

Job #: R-00042932
Location: Colorado Springs, CO
Category: Cyber Operations
Schedule (FT/PT): Full Time
Travel Required: No
Shift: Day
Potential for Telework: No
Clearance: Secret
Referral Eligibility: Eligible
Group: Defense

Share: mail twitter linkedin


Job Description:

The Defense Group of Leidos has an open position for a Cyber Security Operations Watch (CSOW) Analyst in Colorado Springs, CO.
Our customer maintains a highly demanding mission and requires our support to provide expert technical and professional management support to the commands enterprise Information Technology (IT) services. The Cyber Security Operations Watch Analysts will support a program that provides sustainment, maintenance, problem and change management services to help ensure secure, reliable, and uninterrupted availability of the Department of Defense IP networks. Cyber Security Operations Watch Analysts provide support to implement Leidos IonIA for cyber threat mitigation and Proven Analytic-Centric Kill Chain Implementation and Transformation (PACKIT) to obtain steps that an adversary must go through to achieve their goal.

This position will report directly to the Cyber Security Operations Watch Lead, with regular interaction with the Cyber Security Manager and government POCs. 

Primary Responsibilities:

  • Works independently to achieve day-to-day objectives with significant impact to the overall NORAD/USNORTHCOM Government mission.

  • Engages with NORAD/USNORTHCOM Government customers, internal customers, team members and management, to fulfill cyber security requirements.  

  • Makes determinations based on that interaction.

  • Responsible for the development and fielding efforts including testing/installation of operating systems and application lock-down consistent with the current status of cyber security regulations.

  • Analyze and apply current cyber and Risk Management Framework (RMF) protocols to complex server, network and interconnected systems to resolve and satisfy the conditions necessary to achieve an Authority to Operate.

  • Responsible for multiple systems, function interchangeably within a team of engineers and support a cross functional approach to resolving the myriad of issues confronting applications and systems operating within a highly complex and interconnected networked environment.

  • Takes ownership of a segment of the solution and pursues the implementation across multiple technical areas.

  • Uses a deep understanding of and ability to apply principles, theories, and concepts of technical domain and has broad understanding of other related specialty areas experience with the application of DISA Security Technical Implementation Guides (STIGs) to operating Systems, Information Assurance Vulnerability Alert (IAVA) monitoring and application, system vulnerability scanning and mitigation of findings, and remediation of findings.

  • Designs, develops, and implements solutions that meet network and system security requirements and perform vulnerability/risk analyses of computer systems, networks and applications in conjunction with the tasking being simultaneously performed by the other cyber professionals, network staff, other corporate teammates and resident Government staff.

  • Defines solutions, communicates it to the stakeholders.  

  • Presents the solution and the adequacy of the solution to the stakeholders to ensure their acceptance, and then implement it within the context of a larger effort.

  • Evaluates the network to identify potential issues of network, system, and user cyber threat activity.

  • Implement appropriate countermeasures to deter and stop cyber threat.

  • Responsible for conducting Cyber vulnerability analysis and response.

  • Enacts and executes downward directed Defensive Cyber Operations actions.

  • Executes Information Condition (INFOCON) or Cyber Protection Condition (CPCON) Maintain up to date IP space tracking with subordinate boundaries.

  • Ensures access to the NOC and the CWOC-DCO watch.

  • Identifies and updates lists of point of contact for all system/IP inquiries from the CWOC for the entire N&NC IP space.

  • Provides expertise on technical and mission impact assessments and liaise with the CWOC and JCC for all Cybersecurity related incidents.

  • Conducts technical course of action analysis for cyber threat response based on vulnerabilities, architecture, and defense in depth strategies in place.

  • Determines which action analysis are appropriate.

  • Develops solutions and determines process improvements by providing root cause analysis for vulnerability exploitation and attack realization.

  • Responsible for reporting any security vulnerability produced as a result of the implementation of defensive cyber efforts to the CWOC.

  • Provides and compiles daily reports to track new and ongoing issues, status of implementation of solutions, results of various analysis, activities, observations, and determine upcoming actions.

  • Responsible for monitoring systems and directives, and ensures compliance.

  • Develop appropriate tactics, techniques, and procedures (TTPs) for response to cyber threats, cyber security, and access-related incidents, downward directed tasks, and insider threat triggers.

Basic Qualifications:

  • Bachelors degree and 2+ years relevant experience or a Masters degree with less than 2 years of experience.  Additional years of applicable experience will be accepted in lieu of degree.

  • Ability to get Certified Ethical Hacker (CEH) or Cybersecurity Analyst (CySA+) within 4 months.

  • Ability to get DoD 8570 CSSP in any of the following within 6 months: (Analyst, Infrastructure Support, Incident Responder or Auditor).

  • Current Secret clearance with ability to obtain TS/SCI and maintain it.

  • Experience recommending additional security requirements and safeguards.

  • Experience supporting the formal Cybersecurity/IA testing required by government accrediting authorities, and preparing System Security Plans.

Preferred Qualifications:

  • Familiarity with NORAD/USNORTHCOM systems.

  • CISSP/CISM Certification.

  • DoD 8570 IAM III Certification.

  • Experience in development of end user operating manuals and documentation.

  • Experience in training of end users in Operating System and SW application installation and operation.

  • Familiarity with Virtualization, particularly VMware/Vsphere.

External Referral Bonus:


Potential for Telework:


Clearance Level Required:




Scheduled Weekly Hours:




Requisition Category:


Job Family:

Cyber Operations


About Leidos

Leidos is a Fortune 500® information technology, engineering, and science solutions and services leader working to solve the world’s toughest challenges in the defense, intelligence, homeland security, civil, and health markets. The company’s 38,000 employees support vital missions for government and commercial customers. Headquartered in Reston, Va., Leidos reported annual revenues of approximately $11.09 billion for the fiscal year ended January 3, 2020. For more information, visit

Pay and Benefits

Pay and benefits are fundamental to any career decision. That's why we craft compensation packages that reflect the importance of the work we do for our customers. Employment benefits include competitive compensation, Health and Wellness programs, Income Protection, Paid Leave and Retirement. More details are available here.

Securing Your Data

Leidos will never ask you to provide payment-related information at any part of the employment application process. And Leidos will communicate with you only through emails that are sent from a email address. If you receive an email purporting to be from Leidos that asks for payment-related information or any other personal information, please report the email to [email protected].

Commitment to Diversity

All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law. Leidos will also consider for employment qualified applicants with criminal histories consistent with relevant laws.

   Save Job Saved

Talent Community

Join our Talent Community to create a profile, enabling a streamlined application process and to help our recruiters better understand your areas of expertise and interest.

Join our Talent Community