Leidos

Night Shift SOC Cybersecurity Analyst

Leidos, Alexandria, Virginia, us, 22350


Description

Join Leidos' Digital Modernization sector as an Incident Response Analyst! We are consistently seeking talented individuals to support our GSMO efforts. If you are passionate about cybersecurity and ready to make a difference, we want to hear from you!

This position requires a minimum of a Secret clearance with the capability to obtain TS/SCI. Ideal candidates will have at least 1 year of incident handling/response experience, along with prior experience in a Security Operations Center (SOC). This role is for night shifts (10pm - 6am), which may be scheduled Sunday-Thursday or Tuesday-Saturday, and is 100% on-site in Alexandria, VA.

Primary Responsibilities:
Analyze alerts from endpoints, IDS/IPS, netflow, and custom sensors to identify compromises on customer networks/endpoints.
Conduct junior- to intermediate-level reviews of extensive log files, pivot data sets, and correlate evidence for incident investigations.
Pass triaged alerts to senior-level SOC personnel and assist in identifying malicious activities on customer networks.
Document analyses, findings, and actions in a case/knowledge management system.
Support senior SOC personnel with the creation and distribution of incident reports to customers and higher management.

Required Clearance and Certifications:
Must possess an active DoD Secret security clearance or higher, with the ability to obtain TS/SCI.
Must hold a DoD 8570 IAT II or higher certification (e.g., CompTIA Security+ CE, ISC2 SSCP, SANS GSEC) prior to starting.
Must hold a DoD 8570 CSSP-A certification (e.g., CEH, CySA+, GCIA) before commencing work.

Required Qualifications:
Bachelor's degree with 3+ years of relevant experience; equivalent work experience may substitute for a degree.
1+ years in incident handling/response.
1+ years of experience in a SOC environment.
Experience in CND (Protect, Detect, Respond, and Sustain) within a Computer Incident Response organization.
Strong understanding of network threats, attacks, attack vectors, and methods of exploitation, including knowledge of adversary TTPs.
Solid grasp of TCP/IP, common networking ports and protocols, traffic flow, system administration, and defense-in-depth strategies.
Self-motivated with excellent written and verbal communication skills; capable of producing detailed technical reports.
Commitment to continuous training, self-study, and maintaining knowledge in the cybersecurity domain.
Strong analytical and troubleshooting abilities.
Availability to perform shift work, including weekends.

Preferred Qualifications:
Hands-on experience analyzing large volumes of logs and network data (e.g., Netflow, Full Packet Capture) during incident investigations.
In-depth knowledge of one or more enterprise SIEM platforms (e.g., ArcSight, Splunk, Nitro/McAfee, QRadar).
Familiarity with tools such as Anti-Virus, HIPS/HBSS, IDS/IPS, Full Packet Capture, and Network Forensics.
Experience with malware analysis methods and concepts.
Proficiency with the Unix/Linux command line.
Experience in scripting and programming.
Familiarity or experience with Intelligence Driven Defense, the Cyber Kill Chain methodology, and/or the MITRE ATT&CK framework.

About our Program:
Through the J-6 Pentagon Penetration Handling, Incident, System Health (PHISH) support services, we deliver IT products, services, and solutions to the Pentagon and other National Capital Region DoD offices for mission success. Our Cybersecurity team conducts defensive actions in support of J-6 by monitoring network and endpoint data to prevent, detect, respond to, and recover from adversarial activities.

About Leidos:
Leidos is committed to making the world safer, healthier, and more efficient through technology and engineering. We offer meaningful careers in a collaborative culture that supports your career aspirations while ensuring a healthy work-life balance. Our values promote a culture that treats everyone with respect and champions diversity and inclusion, fostering a team environment that nurtures innovation.

We understand that pay and benefits are essential for your career decisions. That's why we offer competitive salaries, healthcare, wellness programs, an immediately vested 401k, income protection, flexible paid leave, and professional development assistance.