Endpoint Cyber Operations Analyst

Leidos is an industry and technology leader serving government and commercial customers with smarter, more efficient digital and mission innovations. They are seeking an Endpoint Cyber Operations Analyst to provide operational support across a range of enterprise endpoint security solutions while contributing to the development of cybersecurity methodologies. This role involves managing daily ticket queues, supporting endpoint security solutions, and collaborating with various teams to enhance security measures. Responsibilities Daily ticket queue management Operational support & maintenance for endpoint security solutions (e.g., Anti-Virus, Host Firewall, Forensics based tools, Privilege management, application whitelisting, EDR) Rotational on-call responsibilities Technical control implementation & enforcement based on inputs received by the Leidos Cybersecurity Intelligence & Response Center (CSIRC), Endpoint Cybersecurity Engineering team, and other internal organizations, leaders, stakeholders where applicable Support change management tasking relative to the security policies associated with the endpoint security solutions that you support Work closely with your team lead/manager to ensure tasks are completed on time Ensure documentation relative to the supported endpoint security products, procedures, services, etc., are written and centrally accessible Create and monitor reporting for compliance Provide inputs back to the Endpoint Cybersecurity Engineering team with the goal of identifying and remediating existing gaps in vendor solutions and platform technologies Collaborate using information and knowledge sharing networks and professional relationships to achieve common goals Take direction & guidance from the endpoint cybersecurity engineering team (and others) and perform other tasks as assigned Skills US Citizenship is required B.S from an accredited university coupled with two or less years of experience. Additional years of relevant experience or technology certifications may be considered in lieu of degree. Experience should include 1- 2 years of endpoint security experience Ability to write and verbally communicate information security and risk-related concepts effectively to both technical and non-technical audiences Strong problem-solving and analytical skills and demonstrate poise and ability to act calmly and competently in high-pressure, high-stress situations Fundamental understanding of accepted security practices, troubleshooting issues, attack vectors, and customer support Understanding of Operating Systems and Network Protocols Foundational understanding of advanced threat detection in an enterprise environment Foundational understanding of malware families, their types, and the threat they pose B.S in Computer Science, Computer Engineering, Information technology, or other Cyber Security fields from an accredited university Experience operating, troubleshooting, and maintaining endpoint security solutions (e.g., Anti-Virus, Host Firewall, Forensics based tools, Privilege management, application whitelisting, EDR, cloud-based solutions) Knowledgeable of forensic procedures and practices including imaging and memory analytics. Specifically, the design, maintenance, and documentation of enterprise forensic capabilities. (Popular commercial products include: EnCase, FTK, and others) Windows 11 security best practices and configurations MacOS security best practices and configurations Linux System Administration experience or experience with Linux OS hardening Proficiency with Microsoft Windows administrative & troubleshooting tools Demonstrated experience performing cybersecurity analysis from an operator's point-of-view Demonstrated knowledge of common information security management frameworks such as ISO/IEC 27001, ITIL, COBIT and NIST and an understanding of relevant legal and regulatory requirements such as Health Insurance Portability and Accountability Act (HIPAA) and Payment Card Industry/Data Security Standard Functional understanding of scripting languages (Batch, PowerShell, Python, VBScript, etc.) GIAC GCIA Certification or other cyber security certifications are a plus Experience with Splunk (preferred) or other SIEM platform Experience with Cloud-based information protection and cyber security Eligible to obtain a DoD Secret Security Clearance as required Benefits Competitive compensation Health and Wellness programs Income Protection Paid Leave Retirement Company Overview Leidos is a Fortune 500® innovation company rapidly addressing the world’s most vexing challenges in national security and health. It was founded in 1969, and is headquartered in Reston, Virginia, USA, with a workforce of 10001+ employees. Its website is