Cyber Threat Intelligence Analyst


Job Description:

Leidos has an immediate need for a talented Cyber Threat Intelligence Tier 3 Analyst to join our team supporting the CBP SOC program.
  • The Cyber Threat Intel Analyst will need a strong cyber security background with experience in the following:
  • Identify, track and investigate high-priority threat campaigns and malicious actors with the interest, capability and TTPs (Techniques, Tactics and Procedures).
  • Bring a comprehensive understanding of analyzing and tracking the cyber threat landscape, including identifying and analyzing cyber threat actors, APT TTPs and/or activities, to enhance the cybersecurity posture of the organization's IT operating environment.

Basic Qualifications:
  • The candidate must currently possess a Top Secret/SCI Clearance. In addition to the clearance requirement, all CBP personnel must have a current 5-year background investigation (BI) or be able to favorably pass one.
  • BS in IT related field or higher and 12+ years' experience in an information technology field with a minimum of 7 years of experience as a Tier III senior cyber security analyst performing intelligence analysis, collection management, and technical analysis.
  • Two years of recent experience with host-based and network-based security monitoring solutions, to include security content recommendation or development (host-based and network signatures).
  • Maintain and drive the development of new reports of Cyber Threat Intelligence analysis to peers, management and customer teams for purposes of situational awareness and making threat intelligence actionable.
  • Provide support to the Security Operations Center during incident response and threat hunting activities that includes cyber threat analysis support, research, recommending relevant remediation and mitigation.
  • Conduct trending and correlation of various cyber intelligence sources for the purposes of indicator collection, shifts in TTPs, attribution and establishing countermeasures to increase cyber resiliency.
  • Proficient in one or more of the following computer languages: Python, Bash, Visual Basic or PowerShell, in order to support cyber threat detection or reporting.
  • Host-based and network-based forensics related to the identification of advanced cyber threat activities, intrusion detection, incident response, malware analysis, and security content development (e.g., signatures, rules, etc.); and cyber threat intelligence.
  • Deep understanding of the Cyber Kill Chain and applicable analytic models such as the Diamond Model
  • Strong written and oral communication skills

Desired certifications/skills:
  • Certified Information System Security Professional (CISSP).
  • Previous DOD, IC or Law Enforcement Intelligence or Counter Intelligence Training/Experience.
  • Knowledge of Structured Analytic Technique
  • Developing scripts to support cyber threat detection that output results in a variety of formats, such as VB scripts, Python, C++, HTML, XML or other type most appropriate for the task.

Job Family:

Cyber Operations
