Cyber Fusion Analyst

The Leidos Digital Modernization sector is looking for a Cyber Fusion Analyst to support a Defensive Cyber Operations (DCO) team in Washington DC. This position is expected to become available in Summer 2026.

OurCyber Fusion team provides mission-critical support to the customers mission of protecting federal networked systems by integrating disparate intelligence hunting telemetry and vulnerability data into a single operational view. We bridge the gap between knowing the threat and stopping the threat ensuring that intelligence directly drives defensive actions.

This hybrid position is primarily on-site with potential for up to 20% telework. While this position will primarily work during core hours (0) this position will be supporting a team of analysts working 24/7 rotating shifts (days swings nights). As such occasional shift work or weekend work may be required to fill unexpected gaps in coverage.

PRIMARY RESPONSIBILITIES:

• Intelligence-Driven Defense:Synthesize external threat intelligence (TTPs IOCs) with internal hunt telemetry to develop a comprehensive understanding of the adversarys impact on the enterprise.
• Fusion Analysis & Reporting:Author high-impact Fusion Reports that blend technical forensics with strategic intelligence to brief senior leadership on trending threats and operational risks.
• Advanced Correlation:Utilize SIEM and Threat Intelligence Platforms (TIP) to correlate global threat actor activity against internal sensor logs identifying low and slow campaigns that span multiple mission sets.
• Adversary Campaign Tracking:Maintain a living Adversary Encyclopedia by mapping internal discoveries to theMITRE ATT&CKframework to identify systemic defensive gaps.
• Vulnerability-Intelligence Pairing:AnalyzeVulnerability Disclosure Program (VDP)data alongside active threat reporting to prioritize patching efforts based on real-world exploitation trends.
• Tactical Countermeasure Influence:Provide data-backed recommendations to Engineering and DCO teams to adjust firewall rules EDR policies and SIEM logic based on emerging fusion findings.
• Indications & Warnings (I&W):Develop and refine custom analytics that provide early warning of adversary reconnaissance or pre-exploitation activity targeting the customer enterprise.
• Continuous Knowledge Management:Maintain the Single Source of Truth for threat data ensuring that Hunt Intel and Engineering teams are operating from a synchronized set of prioritized threats.

BASIC QUALIFICATIONS:

• Bachelors Degree with 8 yrs of experience or Masters Degree with 6 yrs of relevant experience; additional years of experience may be substituted in lieu of degrees.
• DoD 8570 IAT Level II/III:Must hold a certification such asCompTIA SecurityCASP CE orCISSP.
• DoD 8570 CSSP Analyst:Must hold a CSSP Analyst certification () or obtain within 180 days.
• Analytic Writing Mastery:Demonstrated ability to synthesize complex technical data into concise non-technical executive briefings.
• Framework Proficiency:Expert understanding of theCyber Kill Chain Diamond Model andMITRE ATT&CK.
• Security Clearance: Current DoD TS/SCI security clearance and ability to pass additional customer suitability screenings prior to start and maintain throughout employment.

PREFERRED SKILLS:

• Fusion Center Experience:Previous experience working within a government or large-scale commercialCyber Fusion Center (CFC)or Joint Operations Center (JOC).
• Query & Scripting:Proficiency inSPL (Splunk)orKQL (Kusto)for data correlation;Pythonskills for automating intelligence ingestion and enrichment.
• OSINT & Commercial Portals:Experience utilizing tools likeRecorded FutureVirusTotal or Mandiant Advantage to pivot from external indicators to internal threats.
• Cloud Fusion:Familiarity with fusion analysis withinAWSAzure orO365environments specifically correlating cloud-native audit logs.
• Adversary Emulation:Basic understanding of Red Teaming or Penetration Testing methodologies to better predict adversary movement.

#ms

If youre looking for comfort keep scrolling. At Leidos we outthink outbuild and outpace the status quo because the mission demands it. Were not hiring followers. Were recruiting the ones who disrupt provoke and refuse to fail. Step 10 is ancient history. Were already at step 30 and moving faster than anyone else dares.

Original Posting:

Pay Range:

The Leidos pay range for this job level is a general guideline onlyand not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job education experience knowledge skills and abilities as well as internal equity alignment with market data applicable bargaining agreement (if any) or other law.