The Leidos Digital Modernization sector is looking for a Cyber Fusion Analyst to support a Defensive Cyber Operations (DCO) team in Washington, DC. This position is expected to become available in Summer 2026.
Our Cyber Fusion team provides mission-critical support to the customer's mission of protecting federal networked systems by integrating disparate intelligence, hunting telemetry, and vulnerability data into a single operational view. We bridge the gap between "knowing the threat" and "stopping the threat," ensuring that intelligence directly drives defensive actions.
This hybrid position is primarily on-site, with potential for up to 20% telework. While this position will primarily work during core hours (0600 600), this position will be supporting a team of analysts working 24/7 rotating shifts (days, swings, nights). As such, occasional shift work or weekend work may be required to fill unexpected gaps in coverage.
PRIMARY RESPONSIBILITIES:
- Intelligence-Driven Defense: Synthesize external threat intelligence (TTPs, IOCs) with internal hunt telemetry to develop a comprehensive understanding of the adversary's impact on the enterprise.
- Fusion Analysis & Reporting: Author high-impact "Fusion Reports" that blend technical forensics with strategic intelligence to brief senior leadership on trending threats and operational risks.
- Advanced Correlation: Utilize SIEM and Threat Intelligence Platforms (TIP) to correlate global threat actor activity against internal sensor logs, identifying "low and slow" campaigns that span multiple mission sets.
- Adversary Campaign Tracking: Maintain a living "Adversary Encyclopedia" by mapping internal discoveries to the MITRE ATT&CK framework to identify systemic defensive gaps.
- Vulnerability-Intelligence Pairing: Analyze Vulnerability Disclosure Program (VDP) data alongside active threat reporting to prioritize patching efforts based on real-world exploitation trends.
- Tactical Countermeasure Influence: Provide data-backed recommendations to Engineering and DCO teams to adjust firewall rules, EDR policies, and SIEM logic based on emerging fusion findings.
- Indications & Warnings (I&W): Develop and refine custom analytics that provide "early warning" of adversary reconnaissance or pre-exploitation activity targeting the customer enterprise.
- Continuous Knowledge Management: Maintain the "Single Source of Truth" for threat data, ensuring that Hunt, Intel, and Engineering teams are operating from a synchronized set of prioritized threats.
BASIC QUALIFICATIONS:
- Bachelor's Degree with 8+ yrs of experience or Master's Degree with 6+ yrs of relevant experience; additional years of experience may be substituted in lieu of degrees.
- DoD 8570 IAT Level II/III: Must hold a certification such as CompTIA Security+, CASP+ CE, or CISSP.
- DoD 8570 CSSP Analyst: Must hold a CSSP Analyst certification (e.g., CEH, CySA+) or obtain within 180 days.
- Analytic Writing Mastery: Demonstrated ability to synthesize complex technical data into concise, non-technical executive briefings.
- Framework Proficiency: Expert understanding of the Cyber Kill Chain, Diamond Model, and MITRE ATT&CK.
- Security Clearance: Current DoD TS/SCI security clearance and ability to pass additional customer suitability screenings prior to start and maintain throughout employment.
PREFERRED SKILLS:
- Fusion Center Experience: Previous experience working within a government or large-scale commercial Cyber Fusion Center (CFC) or Joint Operations Center (JOC).
- Query & Scripting: Proficiency in SPL (Splunk) or KQL (Kusto) for data correlation; Python skills for automating intelligence ingestion and enrichment.
- OSINT & Commercial Portals: Experience utilizing tools like Recorded Future, VirusTotal, or Mandiant Advantage to pivot from external indicators to internal threats.
- Cloud Fusion: Familiarity with fusion analysis within AWS, Azure, or O365 environments, specifically correlating cloud-native audit logs.
- Adversary Emulation: Basic understanding of Red Teaming or Penetration Testing methodologies to better predict adversary movement.
Original Posting: March 12, 2026
Pay Range: $107,900.00 - $195,050.00
The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.