This role pays less than
88%
of similar roles. Most pay
$142,400–$191,500
— the shaded band above.
At the midpoint, this role pays about
$122k
versus about
$167k
for comparable roles.
Based on 239 similar postings.
Employer
About Leidos
Leidos is an industry and technology leader serving government and commercial customers with smarter, more efficient digital and mission innovations.
Leidos currently has
237 open roles
on FindRole.
Listed pay typically runs
$107,900–$195,050
across 230 roles with salary data.
Leidos seeks an experienced Tier 2 Attack Sensing & Warning Analyst to join the Customs and Border Protection (CBP) Security Operations Center team. This role involves leveraging advanced security technologies such as EDR, SIEM, and network forensics tools to monitor, triage, and investigate endpoint and network activity, escalating alerts according to established procedures, analyzing attacker behaviors, aggregating IOCs, and developing security content and tools to enhance detection and response capabilities. The analyst will also lead incident response activities, mentor junior staff, and create detailed reports for customer leadership. Essential skills include extensive experience in areas like email security, digital forensics, monitoring, and cyber intelligence analysis, along with strong problem-solving abilities and the capability to stay updated on threat intelligence trends. Preferred qualifications include detection engineering expertise, familiarity with frameworks such as MITRE ATT&CK, and relevant certifications like CompTIA CySA+ or CEH.
Utilize EDR, SIEM, and network security tools to monitor and investigate endpoint and network activity.
Triage alerts from multiple sources and escalate according to established procedures.
Analyze logs and attacker behaviors to identify APT tactics and aggregate IOCs.
Develop security content, scripts, and tools to enhance detection and incident response capabilities.
Lead Incident Response activities and mentor junior SOC staff.
What we're looking for
5+ years of professional experience in incident detection, response, and remediation.
Extensive experience in email security, digital media forensics, monitoring and detection, incident response, vulnerability assessment, and cyber intelligence analysis.
Ability to analyze complex data sources, provide guidance on cyber threat operations, and mentor junior staff.
Strong problem-solving skills with an analytic mindset for reasoning and independent task prioritization.
Possession of at least one relevant cybersecurity certification such as CompTIA CySA+, CISSP, or others listed.
NIST 800-53
DevSecOps
CI/CD
Cloud application security
Application security testing
Agile management
Gen AI systems security
U.S. Citizenship
National Security Clearance