To our valued Leidos candidates:

Coronavirus is on everyone's mind with the effects being felt around the world. The markets are volatile, and we're all concerned for the health and safety of our families, friends, and colleagues. Please know that we're taking all necessary measures to safeguard our employees, customers and the communities in which we live, including following all recommended best practices around social distancing.

With that in mind, in an abundance of caution, we are canceling all face to face career events, such as job fairs and open house events. In the coming days and weeks, we will be hosting career events virtually, using our online chat tools so that we may continue our hiring practice safely and securely. You can find available virtual career events at

We are using telephone meetings and online chats via Brazen to conduct interviews and hiring discussions, and we are offering options for video interviews so that you can have a virtual face to face meeting with your potential new leader. We do not conduct interviews or extend offers via text or chat based social media, such as WhatsApp or MySpace.

Leidos will never ask you to provide payment-related information at any part of the employment application process, nor will Leidos ever advance money as part of the hiring process. And Leidos will communicate with you only through emails that are generated by automated system. If you receive an email purporting to be from Leidos that asks for payment-related information or any other personal information, please report the email to Chris Scalia, Leidos’ Senior Vice President of Talent Acquisition, at [email protected].

As a company, as a country, as a world, we have confronted challenging moments before. We are confident that, guided by our values and the strength of our community as well as the commitment we have to the important work we do each day, we will find our way through this time together. We will do this with the care and concern for one another and the common good that defines. Please keep those impacted by the virus in your thoughts.

Close Window
Join our talent network

Job #: R-00074322-OTHLOC-6314
Location: Remote, United States
Category: Cyber Operations
Schedule (FT/PT): Full Time
Travel Required: Yes, 10% of the time
Shift: Day
Potential for Telework: Yes, 100%
Clearance: None
Referral Eligibility: Eligible
Referral Bonus Amount: $2000.00
Group: Corporate

This job posting is no longer active.

Share: mail twitter linkedin


Job Description:

Leidos is looking for an Insider Threat Analyst to assist with the development of an insider threat program and its software; utilizing big data analytics, SIEM (preferably Splunk), next-gen firewalls, custom logging, and other network utilities, to join our Cyber Security Intelligence & Response Team (CSIRT). The analyst will support the effort to develop the insider threat program and assist with the design, testing, deployment, maintenance, operation, and constant evolution of the system.  This will include the development of User Behavior Analytics (UBA) via data mining and the review of large amounts of complex data types to detect and create indicators for potential insider threat activity. The analyst will also investigate leads generated and work with the various investigation organizations within Leidos to determine their legitimacy. The analyst will also support cyber security initiatives through both predictive and reactive analysis, articulating emerging trends to leadership, staff, and external organizations.  The ideal candidate would have some knowledge of insider threat activities and counterintelligence forensic investigation(s) and understand the concepts involved with these types of activities.

Primary Responsibilities

  • Investigate leads generated and work with the various investigation organizations within Leidos to determine their legitimacy
  • Assist with the development of the CSIRT insider threat program by integrating, evaluating, and interpreting multiple sources of information to detect foreign, criminal, and insider threats activities.
  • Help design, maintain, and constantly evolve an automated capability to data mine and analyze large volumes of data to identify potential insider threat behaviors, indicators or other activity.
  • Create Tactics Techniques and Procedures (TTPs) for identifying insider threats and brief leadership, team members and other involved parties on emerging threats.
  • Gather, integrate, review, analyze, and respond to information derived from Insider Threat, Counter-Intelligence, Security, legal, HR and other information sources in order to identify potential insider threat concerns.
  • Develop and document user activity monitoring triggers and behavioral indicators, which will be utilized to identify potential insider threats. Identify gaps and create necessary adjustments to account for them.
  • Serve as subject matter expert to coworkers and customers and provide guidance in designing and implementing insider threat detections and other techniques.
  • Provide analytic case support to investigations, administrative or security inquiries, counterintelligence risk assessments, or other assessments as needed
  • Perform complex forensic investigations and support legal eDiscovery requests and incidents as required.
  • Execute and maintain standard operating procedures (SOPs) for the Insider Threat Program
  • Collaborates with cross-functional teams which can include, counterintelligence, legal, privacy, human resources, cyber, personnel security
  • Job responsibilities may include: Security Alerting Response, Workflow Management Input, Data Analysis & Correlation, Incident Handling (coordination of resources and response efforts), Threat Classification, Critical Incident Escalation, Mitigation Coordination and embracing defined SOC operational and functional policies and procedures.

Basic Qualifications

  • Bachelor's degree and 1-3 years or technical experience, Master’s degree with minimum 1 year of technical experience, or 4-8 years of relevant experience with demonstrated knowledge of cyber security and/or insider threat investigations.
  • Ability to function in a fast moving and complex collaborative environment, seeking continuous consultation with other analysts and customers, both internal and external to the organization, to leverage analytical and technical expertise.
  • Understanding of Insider Threat investigations, reporting, tools, and detection methods.
  • Knowledge of how traffic flows across the network (e.g., Transmission Control Protocol [TCP] and Internet Protocol [IP], services (e.g., web, mail, DNS), and how they interact to provide network communications
  • Experience with digital forensic investigations
  • Experience with Splunk (preferred) or other SIEM-type platforms
  • US Citizenship is required

Preferred Qualifications

  • Experience with forensic investigations and litigation support principles and methodologies
  • Knowledge of system administration, network, and operating system hardening techniques for Windows and Unix
  • Programming experience and customized script development (Python preferred)
  • Skilled in preserving evidence integrity according to standard operating procedures or national standards.
  • Knowledge of cybersecurity and privacy principles
  • Knowledge of operating system command-line tools
  • Ability to exercise judgment when policies are not well-defined

Pay Range:

Pay Range $60,450.00 - $93,000.00 - $125,550.00


Covid Guidance

In order to enter Leidos facilities in the U.S. and to attend Leidos events outside our facilities, employees are required to be vaccinated for COVID-19 or maintain proof of a negative COVID-19 test within 96 hours of entry. In addition, we are receiving guidance from certain customers that onsite contractor personnel will need to be fully vaccinated to access customer facilities. If you are not vaccinated, please consider getting your COVID-19 vaccination as soon as possible. If you have any questions, please contact your Talent Acquisition POC. 

About Leidos

Leidos is a Fortune 500® technology, engineering, and science solutions and services leader working to solve the world’s toughest challenges in the defense, intelligence, civil, and health markets. The company’s 43,000 employees support vital missions for government and commercial customers. Headquartered in Reston, Virginia, Leidos reported annual revenues of approximately $13.7 billion for the fiscal year ended December 31, 2021. For more information, visit

Pay and Benefits

Pay and benefits are fundamental to any career decision. That's why we craft compensation packages that reflect the importance of the work we do for our customers. Employment benefits include competitive compensation, Health and Wellness programs, Income Protection, Paid Leave and Retirement. More details are available here.

Securing Your Data

Leidos will never ask you to provide payment-related information at any part of the employment application process. And Leidos will communicate with you only through emails that are sent from a email address. If you receive an email purporting to be from Leidos that asks for payment-related information or any other personal information, please report the email to [email protected].

Commitment to Diversity

All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law. Leidos will also consider for employment qualified applicants with criminal histories consistent with relevant laws.

This job posting is no longer active.

Talent Community

Join our Talent Community to create a profile, enabling a streamlined application process and to help our recruiters better understand your areas of expertise and interest.

Join our Talent Community