×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Information Security IT Consultant Data Security

Tier 3 Cyber Threat Intelligence Analyst

Job in Washington, District of Columbia, 20022, USA
Listing for: Leidos
Full Time position
Listed on 2026-01-25
Job specializations:
  • IT/Tech
    Cybersecurity, Information Security, IT Consultant, Data Security
Job Description & How to Apply Below

Description

Leidos is seeking a Tier 3 Cyber Threat Intelligence Analyst to join our team on a highly visible cyber security single-award IDIQ vehicle that provides Network Operations Security Operations (NOSC) support, cyber analysis, and application development.

Department of Homeland Security (DHS), NOSC Support Services is a US Government program responsible to monitor, detect, analyze, mitigate, and respond to cyber threats and adversarial activity on the DHS Enterprise. DHS NOSC has primary responsibility for monitoring and responding to security events and incidents detected at the Trusted Internet Connection (TIC) and Policy Enforcement Point (PEP) and is responsible for directing and coordinating detection and response activities performed by each Component SOC.

Direction and coordination are achieved through a shared DHS incident tracking system and other means of coordination and communication.

The Cyber Threat Intel Analyst will need a strong cyber security background with experience with the following:
Identify, track and investigate high priority threat campaigns, malicious actors with the interest, capability and TTPs (Techniques, Tactics and Procedures).

Bring a comprehensive understanding, analyzing and tracking the cyber threat landscape, including identifying and analyzing cyber threats actors, APT TTPs and/or activities to enhance cybersecurity posture of the organization’s IT operating environment.

Basic Qualifications
  • The candidate must currently possess a Top Secret/SCI Clearance.
  • BS in IT related field and 8-12 years’ experience in an IT field, or MS in IT related field and 8+ years’ experience in an IT Field, with a minimum of 7 years of experience as a Tier III senior cyber security analyst performing intelligence analysis, collection management, and technical analysis.
  • Two years of recent experience with host-based and network-based security monitoring solutions and to include security content recommendation or development (host based and network signatures).
  • Maintain and drive the development of new reports of Cyber Threat Intelligence analysis to peers, management and customer teams for purposes of situational awareness and making threat intelligence actionable.
  • Provide support to the Network Operations Security Center during incident response and threat hunting activities that include cyber threat analysis support, research, recommending relevant remediation and mitigation.
  • Conduct trending and correlation of various cyber intelligence sources for the purposes of indicator collection, shifts in TTPs, attribution and establish countermeasures to increase cyber resiliency.
  • Host-based and network-based forensics related to the identification of advanced cyber threat activities, intrusion detection, incident response, malware analysis, and security content development (e.g., signatures, rules etc.); and cyber threat intelligence.
  • Deep understanding of the cyber "Pyramid of Pain", Cyber Kill Chain, MITRE ATT&CK and the Diamond Model. Analysts should be able to conduct in-depth research into threat actors, tools, infrastructure, and TTPs using these frameworks.
  • Ability to correlate and enrich data from intelligence sources with internal logs, alerts, and incident data from Splunk and Analyst1 to drive threat hunting and detection initiatives.
  • Strong written and oral communication skills.
Preferred Qualifications
  • Must have at least one of the following certifications: CASP+ CE, CCNP-Security, CISA, CISSP (or Associate), GCED, GCIH, CCSP
  • Additionally preferred certifications held: SANS GCTI, Previous DOD, IC or Law Enforcement Intelligence or Counterintelligence Training/Experience, Knowledge of Structured Analytic Technique, Developing scripts to support cyber threat detection that outputs results in a variety of formats, such as VB scripts, Python, C++, HTML, XML or other types most appropriate for the task, Proficient in one more of the following computer languages Python, Bash, Visual Basic or Power Shell to support cyber threat detection or reporting, Working familiarity with additional tools such as Crowd Strike Falcon, Tanium, Proofpoint TAP, and Zscaler.

If you're looking for…

To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)

Job Posting Language
Employment Category
Education (minimum level)
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search