To our valued Leidos candidates:

Coronavirus is on everyone's mind with the effects being felt around the world. The markets are volatile, and we're all concerned for the health and safety of our families, friends, and colleagues. Please know that we're taking all necessary measures to safeguard our employees, customers and the communities in which we live, including following all recommended best practices around social distancing.

With that in mind, in an abundance of caution, we are canceling all face to face career events, such as job fairs and open house events. In the coming days and weeks, we will be hosting career events virtually, using our online chat tools so that we may continue our hiring practice safely and securely. You can find available virtual career events at

We are using telephone meetings and online chats via Brazen to conduct interviews and hiring discussions, and we are offering options for video interviews so that you can have a virtual face to face meeting with your potential new leader. We do not conduct interviews or extend offers via text or chat based social media, such as WhatsApp or MySpace.

Leidos will never ask you to provide payment-related information at any part of the employment application process, nor will Leidos ever advance money as part of the hiring process. And Leidos will communicate with you only through emails that are generated by automated system. If you receive an email purporting to be from Leidos that asks for payment-related information or any other personal information, please report the email to Chris Scalia, Leidos’ Senior Vice President of Talent Acquisition, at [email protected].

As a company, as a country, as a world, we have confronted challenging moments before. We are confident that, guided by our values and the strength of our community as well as the commitment we have to the important work we do each day, we will find our way through this time together. We will do this with the care and concern for one another and the common good that defines. Please keep those impacted by the virus in your thoughts.

Close Window
Join our talent network
Skip to main content

Job #: R-00068043
Location: Colorado Springs, CO
Category: Cyber Operations
Schedule (FT/PT): Full Time
Travel Required: No
Shift: Day
Potential for Telework: No
Clearance: Secret
Referral Eligibility: Eligible
Referral Bonus Amount: $3000
Group: Defense

This job posting is no longer active.

Share: mail twitter linkedin


Job Description:

Are you looking for an opportunity to support the United States Department of Defense systems to ensure they are secure and reliable? Our Enterprise and Cyber Solutions Defense team is looking for an experienced Cyber Security Operations Watch (CSOW) Analyst to work with our N2NOMS program which is situated in Colorado Springs, CO.

Our customer maintains a highly demanding mission and requires our support to provide expert technical and professional management support to the commands enterprise Information Technology (IT) services. The Cyber Security Operations Watch Analysts will support a program that provides sustainment, maintenance, problem and change management services to help ensure secure, reliable, and uninterrupted availability of the Department of Defense IP networks. Cyber Security Operations Watch Analysts provides 24x7 support to monitor and implement cyber threat mitigation and to obtain steps that an adversary must go through to achieve their goal.

This position will report directly to the Cyber Security Operations Watch Lead, with regular interaction with the Cyber Security Manager and government POCs. 

What will you do in this role?

  • Work independently to achieve day-to-day objectives with significant impact to the overall NORAD/USNORTHCOM Government mission.

  • Engage with NORAD/USNORTHCOM Government customers, internal customers, team members and management, to fulfill cyber security requirements.  

  • Take responsibility for development and fielding efforts including testing/installation of operating systems and application lock-down consistent with the current status of cyber security regulations.

  • Analyze current cyber and Risk Management Framework (RMF) protocols to complex server, network and interconnected systems to resolve and satisfy the conditions necessary to achieve an Authority to Operate.

  • Take responsibility for multiple systems, function interchangeably within a team of engineers and support a cross functional approach to resolving the myriad of issues confronting applications and systems operating within a highly complex and interconnected networked environment.

  • Take ownership of a segment of the solution and pursues the implementation across multiple technical areas.

  • Use your deep understanding of and ability to apply principles, theories, and concepts of technical domain and has broad understanding of other related specialty areas experience with the application of DISA Security Technical Implementation Guides (STIGs) to operating Systems, Information Assurance Vulnerability Alert (IAVA) monitoring and application, system vulnerability scanning and mitigation of findings, and remediation of findings.

  • Design, develop, and implement solutions that meet network and system security requirements and perform vulnerability/risk analyses of computer systems, networks and applications in conjunction with the tasking being simultaneously performed by the other cyber professionals, network staff, other corporate teammates and resident Government staff.

  • Define solutions, communicates it to the stakeholders.  

  • Present the solution and the adequacy of the solution to the stakeholders to ensure their acceptance, and then implement it within the context of a larger effort.

  • Evaluate the network to identify potential issues of network, system, and user cyber threat activity.

  • Recommend appropriate countermeasures to deter and stop cyber threat.

  • Conduct cyber vulnerability analysis and response.

  • Enact and execute downward directed Defensive Cyber Operations actions.

  • Execute Information Condition (INFOCON) or Cyber Protection Condition (CPCON) Maintain up to date IP space tracking with subordinate boundaries.

  • Ensure access to the NOC and the CWOC-DCO watch.

  • Identify and update lists of point of contact for all system/IP inquiries from the CWOC for the entire N&NC IP space.

  • Provide expertise on technical and mission impact assessments and liaise with the CWOC and JCC for all Cybersecurity related incidents.

  • Conduct technical course of action analysis for cyber threat response based on vulnerabilities, architecture, and defense in depth strategies in place.

  • Determine which action analysis are appropriate.

  • Develop solutions and determines process improvements by providing root cause analysis for vulnerability exploitation and attack realization.

  • Report any security vulnerability produced as a result of the implementation of defensive cyber efforts to the CWOC.

  • Provide and compile daily reports to track new and ongoing issues, status of implementation of solutions, results of various analysis, activities, observations, and determine upcoming actions

  • Monitor systems and directives, and ensures compliance.

  • Develop appropriate tactics, techniques, and procedures (TTPs) for response to cyber threats, cyber security, and access-related incidents, downward directed tasks, and insider threat triggers.

The following qualifications are required in order to be considered...

  • Bachelors degree and 2+ years relevant experience or a Masters degree with less than 2 years of experience.  Additional years of applicable experience will be accepted in lieu of degree.

  • Ability to get Certified Ethical Hacker (CEH) or Cybersecurity Analyst (CySA+) within 4 months.

  • Ability to get DoD 8570 CSSP in any of the following within 6 months: (Analyst, Infrastructure Support, Incident Responder or Auditor).

  • Current Secret clearance with ability to obtain TS/SCI and maintain it.

  • Experience recommending additional security requirements and safeguards.

  • Experience supporting the formal Cybersecurity/IA testing required by government accrediting authorities, and preparing System Security Plans.

The following qualifications are preferred, but not required:

  • Familiarity with NORAD/USNORTHCOM systems.

  • CISSP/CISM Certification.

  • DoD 8570 IAM III Certification.

  • Experience in development of end user operating manuals and documentation.

  • Experience in training of end users in Operating System and SW application installation and operation.

  • Familiarity with Virtualization, particularly VMware/Vsphere.


Pay Range:

Pay Range $54,600.00 - $84,000.00 - $113,400.00

Covid Guidance for the US

In order to enter Leidos facilities in the U.S. and to attend Leidos events outside our facilities, employees are required to be vaccinated for COVID-19 or maintain proof of a negative COVID-19 test within 96 hours of entry. In addition, we are receiving guidance from certain customers that onsite contractor personnel will need to be fully vaccinated to access customer facilities. If you are not vaccinated, please consider getting your COVID-19 vaccination as soon as possible. If you have any questions, please contact your Talent Acquisition POC. 

About Leidos

Leidos is a Fortune 500® technology, engineering, and science solutions and services leader working to solve the world’s toughest challenges in the defense, intelligence, civil, and health markets. The company’s 44,000 employees support vital missions for government and commercial customers. Headquartered in Reston, Virginia, Leidos reported annual revenues of approximately $13.7 billion for the fiscal year ended December 31, 2021. For more information, visit

Pay and Benefits

Pay and benefits are fundamental to any career decision. That's why we craft compensation packages that reflect the importance of the work we do for our customers. Employment benefits include competitive compensation, Health and Wellness programs, Income Protection, Paid Leave and Retirement. More details are available here.

Securing Your Data

Beware of fake employment opportunities using Leidos’ name. Leidos will never ask you to provide payment-related information during any part of the employment application process (i.e., ask you for money), nor will Leidos ever advance money as part of the hiring process (i.e., send you a check or money order before doing any work). Further, Leidos will only communicate with you through emails that are generated by the automated system – never from free commercial services (e.g., Gmail, Yahoo, Hotmail) or via WhatsApp, Telegram, etc. If you received an email purporting to be from Leidos that asks for payment-related information or any other personal information (e.g., about you or your previous employer), and you are concerned about its legitimacy, please make us aware immediately by emailing us at [email protected].

If you believe you are the victim of a scam, contact your local law enforcement and report the incident to the U.S. Federal Trade Commission.

Commitment to Diversity

All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law. Leidos will also consider for employment qualified applicants with criminal histories consistent with relevant laws.

This job posting is no longer active.

Related Opportunities

Talent Community

Join our Talent Community to create a profile, enabling a streamlined application process and to help our recruiters better understand your areas of expertise and interest.

Join our Talent Community