Leidos · 3 hours ago
Tier 3 Cyber Threat Intelligence Analyst
Leidos is seeking a Tier 3 Cyber Threat Intelligence Analyst to join their team on a highly visible cyber security project supporting the Department of Homeland Security. The role involves monitoring, detecting, analyzing, and responding to cyber threats, as well as enhancing the cybersecurity posture of the organization through in-depth intelligence analysis and threat hunting activities.
Computer · Government · Information Services · Information Technology · National Security · Software
Responsibilities
Identify, track and investigate high-priority threat campaigns and malicious actors with the interest, capability and TTPs (Tactics, Techniques and Procedures)
Bring a comprehensive understanding of the cyber threat landscape, analyzing and tracking it, including identifying and analyzing cyber threat actors and APT TTPs and/or activities, to enhance the cybersecurity posture of the organization's IT operating environment
Maintain and drive the development of new Cyber Threat Intelligence analysis reports for peers, management and customer teams, for the purposes of situational awareness and making threat intelligence actionable
Provide support to the Network Operations Security Center during incident response and threat hunting activities, including cyber threat analysis support, research, and recommending relevant remediation and mitigation
Conduct trending and correlation of various cyber intelligence sources for the purposes of indicator collection, identifying shifts in TTPs, attribution, and establishing countermeasures to increase cyber resiliency
Perform host-based and network-based forensics related to the identification of advanced cyber threat activities, intrusion detection, incident response, malware analysis, security content development (e.g., signatures, rules, etc.) and cyber threat intelligence
Deep understanding of the cyber "Pyramid of Pain", Cyber Kill Chain, MITRE ATT&CK and the Diamond Model. Analysts should be able to conduct in-depth research into threat actors, tools, infrastructure, and TTPs using these frameworks
Ability to correlate and enrich data from intelligence sources with internal logs, alerts, and incident data from Splunk and Analyst1 to drive threat hunting and detection initiatives
Strong written and oral communication skills
Qualifications
Required
The candidate must currently possess a Top Secret/SCI Clearance
BS in an IT-related field and 8-12 years' experience in an IT field, or MS in an IT-related field and 8+ years' experience in an IT field, with a minimum of 7 years of experience as a Tier III senior cyber security analyst performing intelligence analysis, collection management, and technical analysis
Two years of recent experience with host-based and network-based security monitoring solutions, including security content recommendation or development (host-based and network signatures)
Preferred
One of the following certifications: CASP+ CE, CCNP-Security, CISA, CISSP (or Associate), GCED, GCIH, CCSP
SANS GCTI
Previous DOD, IC or Law Enforcement Intelligence or Counterintelligence Training/Experience
Knowledge of Structured Analytic Techniques
Developing scripts (e.g., VBScript, Python, C++) to support cyber threat detection that output results in a variety of formats, such as HTML, XML or whatever type is most appropriate for the task
Proficiency in one or more of the following languages: Python, Bash, Visual Basic or PowerShell, to support cyber threat detection or reporting
Working familiarity with additional tools such as CrowdStrike Falcon, Tanium, Proofpoint TAP, and Zscaler
Company
Leidos
Leidos is a Fortune 500® innovation company rapidly addressing the world’s most vexing challenges in national security and health.
Funding
Current Stage: Public Company
Total Funding: unknown
2025-02-20: Post-IPO Debt
2013-09-17: IPO
Company data provided by crunchbase