Advanced Threat Detection Analyst

Remote Full-time

About the position Leidos has a job opportunity for a Advanced Threat Detection Analyst expected to start in March 2026. This is a hybrid position allowing a 50/50 remote/onsite split, and can work out of any of our three locations: Hill AFB, Scott AFB, or Whitehall OH. Candidates must be within commuting distance (or prepared to self-relocate) to one of these locations. This position supports the Defense Information Systems Agency (DISA) GSM-O II program and its global Defensive Cyber Operations (DCO) organization. As a key leader, you will lead a Advanced Threat Detection team in providing critical network operations and cyber defense for stakeholders including Cyber Security Service Provider (CSSP) Customers, the Department of War (DoW) Information Network, and Combatant Commands. You will be responsible for overseeing daily threat hunting operations, developing cyber threat intelligence products, and investigating adversary indicators. This role involves leading your team in incident handling, network analysis, threat detection, and trend analysis, while also serving as a subject matter expert on advanced threat intelligence principles. Responsibilities • Strategic Threat Intelligence Leadership: Serve as a subject matter expert on advanced threat intelligence principles (e.g., Cyber Kill Chain, MITRE ATT&CK), influencing the development of solutions that impact strategic program goals. • Develop and recommend new technical standards and products to support the organization's cyber defense strategy. • Innovative Solution Development: Resolve highly complex problems by conceptualizing, researching, and integrating best practices. • Lead the development of highly innovative solutions, such as custom signatures and advanced correlation logic, by interpreting threat actor tactics, techniques, and procedures (TTPs). • Executive Communication & Influence: Communicate matters of significant importance to executive leadership, both internally and with the client. • Deliver authoritative threat briefs to senior leaders and work to convince stakeholders to accept and adopt new concepts, practices, and security approaches. • Team Leadership & Management: Lead and manage the work of other technical staff, including mentoring and training fusion analysts on advanced TTPs. • Ensure the team's work on incident handling, event triage, and network analysis has a significant and positive impact on project results and outputs. • Advanced Operational Collaboration: Drive daily coordination with the DISA Global Countermeasures Team and external agencies. • Ensure the seamless integration of threat intelligence into countermeasures to proactively detect, prevent, and mitigate intrusions and malware infections across the enterprise. • Process & Documentation Oversight: Direct the creation and maintenance of all process documentation for the fusion team, ensuring that operational standards align with strategic objectives and reflect industry best practices. Requirements • Clearance: Minimum active DoD Secret clearance with the ability to obtain and maintain a TS/SCI. • Certification: Current DoD 8570 IAT Level II (or higher), such as CompTIA Security+ CE, ISC2 SSCP, or SANS GSEC. • Education & Experience: Requires a BS degree and 8–12 years of prior relevant experience, OR a Master's with 6 - 8 years of prior relevant experience. A Doctorate may also be considered. • Leadership Experience: 4+ years of formal or informal leadership experience. • Cybersecurity Experience: 8+ years of cybersecurity experience with an in-depth understanding of advanced computer defense technologies. • Expertise in the following areas: Proven ability to develop innovative solutions by researching and integrating best practices. • Demonstrated experience using frameworks like the Cyber Kill Chain and MITRE ATT&CK to influence strategic goals. • Ability to lead and manage the work of a technical, multi-site team. • Excellent verbal and written communication skills, with experience influencing executive leadership. Nice-to-haves • Experience working for a Cybersecurity Service Provider (CSSP) or Security Operations Center (SOC). • Knowledge of Threat Hunting practices, techniques, and Advanced Persistent Threats (APTs). • Advanced knowledge of a prominent Security Information and Event Management (SIEM) tool (e.g., Splunk, Elasticsearch).

Apply Now →

Advanced Threat Detection Analyst

Similar Jobs

Experienced Registered Behavior Technician for In-Home ABA Therapy - Atlanta, GA

Immediate Hiring: Experienced Registered Behavioral Technician (RBT) for Clinic-Based ABA Therapy Services

Experienced Registered Behavioral Technician (RBT) - ABA Therapy for Children with Autism Spectrum Disorder

Experienced Registered Nurse - Telehealth: Providing Remote Care Coordination and Patient Support

Experienced Substitute Teacher for Riverside County Schools - Join Scoot Education's Innovative Team

Experienced Substitute Teacher for San Bernardino County - Flexible Schedules & Competitive Pay

Experienced School Year Instructional Coach for High-Dosage Tutoring Programs in Edgewater Park, NJ

Experienced School Year Tutor for K-8 Students in Math and Literacy - Mickleton, NJ

Experienced Secondary Social Studies Teacher for Kansas - Flexible Hybrid Remote Arrangement

USPS Office Helper

[Remote] Technical Printer Support Representative I (Laser)

Senior Software Engineer - Applied AI

[Remote] Due Diligence Credit Analyst

Staff Software Engineer

Experienced Customer Service Representative – Remote Work from Home Opportunity with arenaflex

[Remote] HEDIS Data Reviewer

Director, Finance & Accounting Transformation

System Application Operator II - 3 Month Temporary Role

Experienced Aviation Data Entry Specialist – Airline Operations Support and Management

Tesla Data Entry Jobs ||Remote|| (Data Collection Operator) – My – Amazon Store