Cybersecurity Capability Developer Senior
Cybersecurity Capability Developer Senior
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
$ 104650 - 189175
1 Vacancy
Job Description
Leidos is seeking a detailoriented and proactive Cybersecurity Capability Developer Senior to join our team in Huntsville AL or Clarksburg WV. The position will be part of an Enterprise Security Operations Center 24/7/365 Watch Floor team providing Threat Detection engineering. The position requires expertise in security analytics data correlation threat intelligence and automation within a Security Information and Event Management (SIEM) platform or equivalent detection systems.
At Leidos youll join a team of innovators tackling some of the worlds most critical challenges through cuttingedge technology and bold ideas. We foster a dynamic and collaborative environment where your expertise will directly contribute to mission success and the significance of your contributions will only be surpassed by the exceptional opportunities for your professional growth and advancement.
Primary Responsibilities:
Develop implement and maintain detection rules to identify malicious behaviors.
Optimize detection efficacy by reducing false positives and increasing true positive rates
Document detection processes methodologies and workflows.
Share insights and mentor team members on best practices in threat detection.
Design develop and maintain cybersecurity tools scripts and capabilities that enhance operational effectiveness within the ESOC watch floor.
Create automation solutions to streamline processes for threat detection incident triage response workflows and reporting ensuring faster and more efficient security operations.
Integrate security technologies and data sources to improve detection monitoring and response capabilities
Continuously test and optimize developed capabilities ensuring their functionality and efficiency during live security operations
Basic Qualifications:
Active TopSecret Clearance with eligibility for SCI
US Citizenship
5 years of experience
Experience with Splunk Enterprise Security
Familiarity with all related aspects of cybersecurity operations and security architecture
Indepth knowledge of network and application protocols cyber vulnerabilities and exploitation techniques and cyber threat/adversary methodologies.
Preferred Qualifications:
Strong expertise in SIEM platforms and familiarity with query languages (e.g. SPL KQL).
Understanding of malware behaviors threat actors and attack tactics (MITRE ATT&CK).
Experience with automation and scripting (e.g. Python PowerShell).
Ability to independently assess and improve detection rules.
Excellent troubleshooting and documentation skills.
Experience with Microsoft Sentinel
Experience with FBI DHS IC and DoD Networks.
Experience with mitigation development against malicious cyber activity
One of the following certifications:
GIAC Continuous Monitoring Certication (GMON)
GIAC Certied Incident Handler (GCIH)
GIAC Certied Forensic Analyst (GCFA)
GIAC Certied Intrusion Analyst (GCIA)
GIAC Network Forensic Analyst (GNFA)
GIAC Cloud Threat Detection (GCTD)
GIAC Cloud Forensics Responder (GCFR)
Certified Information Systems Security Professional (CISSP)
Original Posting:
April 22 2025For U.S. Positions: While subject to change based on business needs Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.
Pay Range:
Pay Range $104650.00 $189175.00The Leidos pay range for this job level is a general guideline onlyand not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job education experience knowledge skills and abilities as well as internal equity alignment with market data applicable bargaining agreement (if any) or other law.
Employment Type
Full-Time
