Cybersecurity Capability Developer Senior

Leidos

4.1

(20)

Huntsville, AL

Why you should apply for a job to Leidos:

4.1/5 in overall job satisfaction

4.3/5 in supportive management

70% say women are treated fairly and equally to men

85% would recommend this company to other women

85% say the CEO supports gender diversity

Ratings are based on anonymous reviews by Fairygodboss members.

Our Women’s Network is one of nine employee resources groups that provides support for onboarding, networking & professional development.

Leidos offers programs to help employees prepare for over 95 industry-standard professional and technical certifications.

Leidos offers a voluntary well–being benefit program to help support employees on their personal wellness journey and earn rewards.

#R-00157766

Position summary

al growth and advancement.

Primary Responsibilities:

Develop, implement, and maintain detection rules to identify malicious behaviors.
Optimize detection efficacy by reducing false positives and increasing true positive rates
Document detection processes, methodologies, and workflows.
Share insights and mentor team members on best practices in threat detection.
Design, develop, and maintain cybersecurity tools, scripts, and capabilities that enhance operational effectiveness within the ESOC watch floor.
Create automation solutions to streamline processes for threat detection, incident triage, response workflows, and reporting, ensuring faster and more efficient security operations.
Integrate security technologies and data sources to improve detection, monitoring, and response capabilities
Continuously test and optimize developed capabilities, ensuring their functionality and efficiency during live security operations

Basic Qualifications:

Active Top-Secret Clearance with eligibility for SCI
US Citizenship
5+ years of experience
Experience with Splunk Enterprise Security
Familiarity with all related aspects of cybersecurity operations and security architecture
In-depth knowledge of network and application protocols, cyber vulnerabilities and exploitation techniques and cyber threat/adversary methodologies.

Preferred Qualifications:

Strong expertise in SIEM platforms and familiarity with query languages (e.g. SPL, KQL).
Understanding of malware behaviors, threat actors, and attack tactics (MITRE ATT&CK).
Experience with automation and scripting (e.g., Python, PowerShell).
Ability to independently assess and improve detection rules.
Excellent troubleshooting and documentation skills.
Experience with Microsoft Sentinel
Experience with FBI, DHS, IC, and DoD Networks.
Experience with mitigation development against malicious cyber activity
One of the following certifications:
- GIAC Continuous Monitoring Certiﬁcation (GMON)
- GIAC Certiﬁed Incident Handler (GCIH)
- GIAC Certiﬁed Forensic Analyst (GCFA)
- GIAC Certiﬁed Intrusion Analyst (GCIA)
- GIAC Network Forensic Analyst (GNFA)
- GIAC Cloud Threat Detection (GCTD)
- GIAC Cloud Forensics Responder (GCFR)
- Certified Information Systems Security Professional (CISSP)

Original Posting:
April 17, 2025
For U.S. Positions: While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.

Pay Range:
Pay Range $104,650.00 - $189,175.00

The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.