Leidos

Cybersecurity Threat Detection Specialist Job at Leidos in Arlington

Leidos, Arlington, VA, United States


Description

At Leidos, we deliver innovative solutions through the efforts of our diverse and talented people who are dedicated to our customers' success. We empower our teams, contribute to our communities, and operate sustainably. Everything we do is built on a commitment to do the right thing for our customers, our people, and our community. Our Mission, Vision, and Values guide the way we do business. If this sounds like the kind of environment where you can thrive, keep reading!

The Digital Modernization Sector brings together our digital transformation and IT programs, allowing us to better serve our customers through scale and repeatability.

Leidos has a critical need for an experienced Cybersecurity Threat Detection Specialist to support the DHS CISA SOC. This role requires a self-starter with excellent analytical and problem-solving skills, flexibility, good judgment, and the ability to work within a team to enhance our customer's cybersecurity capabilities.

As a Cybersecurity Threat Detection Specialist, you will play a vital role in defending our organization by developing, implementing, and fine-tuning threat detection strategies to promptly identify and respond to malicious activities. This position demands expertise in security analytics, data correlation, threat intelligence, and automation within a Security Information and Event Management (SIEM) platform or equivalent detection systems.

Primary Responsibilities:
- Drive the development and maintenance of detection rules to spot malicious behaviors.
- Enhance detection efficacy by minimizing false positives and maximizing true positive rates.
- Collaborate closely with the Incident Response Team to ensure comprehensive coverage for detected threats, while also providing detailed analysis and documentation.
- Integrate automated workflows and playbooks to optimize response processes.
- Work with threat intelligence teams to create detection logic for emerging threats.
- Produce reports and dashboards that showcase detection effectiveness and threat trends.
- Document detection processes, methodologies, and workflows.
- Share insights and mentor team members on best practices for threat detection.

Basic Qualifications:
- BS degree in a relevant field (e.g., Science, Technology, Engineering, Math) with 12-15 years of prior experience in cybersecurity. Equivalent experience or certifications will be considered in lieu of a degree.
- Strong expertise in SIEM platforms and familiarity with query languages (e.g., SPL, KQL).
- Understanding of malware behaviors, threat actors, and attack tactics (MITRE ATT&CK).
- Ability to independently assess and improve detection rules.
- Proficient troubleshooting and documentation skills.
- Experience in developing and fine-tuning detection rules for complex threats.
- Experience collaborating with threat intelligence teams to incorporate threat indicators into detection logic.
- Experience contributing to playbook development while working closely with Incident Response on detection coverage.
- Experience leading and mentoring analysts in detection techniques and security best practices.

Preferred Qualifications:
- Experience with automation and scripting (e.g., Python, PowerShell).
- Certifications: SANS: GCDA, GCDT, GCFA, GCFE, GCTI, GCIA, GCIH. Splunk: Certified Power User, Splunk Admin, Certified Cybersecurity Defense Analyst, Certified Cybersecurity Defense Engineer (SCCDE). MITRE: MITRE ATT&CK Defender (MAD) certifications.

Original Posting Date: 2024-11-13

While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days, with an anticipated close date no earlier than 3 days after the original posting date listed above.

Pay Range: $122,200.00 - $220,900.00

The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.

#Remote