Leidos, a leading defense, intelligence, and technology company, is seeking a motivated Cybersecurity Analyst intern to join our Digital Modernization Group on the Global Solutions Management Operations II (GSM-O II) contract at Whitehall, OH. As part of our team, you'll contribute to the operations, sustainment, and defense of the Defense Information System Network (DISN) within the DOD Information Network (DODIN), supporting the Defense Information Systems Agency (DISA).
We are looking for highly motivated, driven, and capable candidates to join our GSM-O team and support our Cybersecurity/Network Assurance team! As a Cybersecurity Analyst Intern, you will assist in protecting critical DoD information systems by analyzing threat intelligence, investigating security alerts, and contributing to incident response efforts. This internship offers valuable hands-on experience in a real-world security environment.
What You'll Do:
Perform cyber threat intelligence analysis to identify potential threats and vulnerabilities.
Correlate actionable security events from various sources (SIEM, IDS/IPS, etc.) to identify suspicious activity.
Perform network traffic analysis using raw packet data, net flow, IDS, IPS, and custom sensor output to detect malicious activity on communications networks.
Participate in the coordination of resources during incident response efforts, assisting in containment, eradication, and recovery activities.
Review DoD and open-source intelligence feeds for emerging threats and vulnerabilities.
Identify Indicators of Compromise (IOCs) from threat intelligence reports and integrate them into sensors and SIEMs to improve detection capabilities.
Triage security alerts from various sources (e.g., SIEM, IDS/IPS) to identify potential malicious activity on customer networks. This may involve analyzing log files, network traffic, and other data sources.
Conduct preliminary analysis of potential security incidents, such as investigating suspicious network connections, analyzing malware samples, or reviewing system logs for anomalous activity.
Report security incidents to customers and USCYBERCOM in a timely and accurate manner.
What You'll Bring:
As an intern, you would be expected to have academic knowledge of such areas of Cybersecurity and preferably have prior internships or personal/school project work for some hands-on skills.
Actively pursuing a degree in a relevant field (e.g., Cybersecurity, Computer Science, Computer Engineering, Information Technology) from an accredited college/university.
Proactive and eager to learn new technologies and security concepts. Able to work independently on assigned tasks, seek out information as needed, and communicate progress effectively in both written and verbal form, including creating clear and concise technical documentation.
Solid understanding of TCP/IP protocols, common networking ports (e.g.), and the OSI model. Ability to explain the principles of defense-in-depth and its application in securing a network. Basic knowledge of system administration concepts (Windows or Linux).
Understanding of the Cyber Kill Chain methodology and/or the MITRE ATT&CK framework and how they can be used to improve threat detection and response capabilities.
Basic knowledge of malware analysis concepts, including identifying different malware types and understanding basic analysis techniques (e.g., static and dynamic analysis). Bonus points for experience using tools like VirusTotal or basic sandboxing environments.
Ability to analyze security alerts, identify potential false positives, and prioritize investigations based on the severity and impact of the alert.
Ability to obtain a Secret clearance to start (selected candidates will be sponsored for required clearance).
Commitment to obtaining Security+ certification (or equivalent DoD 8570 IAT II certification) within a specified timeframe.
Must be a US Citizen to qualify.
Work must be performed in Whitehall, OH.
Must have own transportation to enter work facility at Whitehall, OH.
Preferred:
Security+ and/or CySA+ certifications.
Academic knowledge of CND domains (Protect, Detect, Respond, and Sustain).
Understanding of Computer Incident Response organization or Security Operations Center.
Familiarity with an enterprise SIEM platform like Splunk or Elastic.
Unix/Linux command line experience.
Scripting and programming experience (e.g., Python, Bash).
At Leidos, we don't want someone who fits the mold; we want someone who melts it down and builds something better. This is a role for the restless, the over-caffeinated, the ones who ask what's next before the dust settles on what's now.
If you're already scheming step 20 while everyone else is still debating step 2, good. You'll fit right in.
For U.S. Positions: While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days, with an anticipated close date of no earlier than 3 days after the original posting date as listed above.
The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.
Required Experience:
IC
Leidos is a Fortune 500® information technology, engineering, and science solutions and services leader working to solve the world's toughest challenges in the defense, intelligence, homeland security, civil, and health markets. The company's 33,000 employees support vital missions fo ...