Job was saved successfully.
Job was removed from Saved Jobs.

Job Details

SOC Watch Analyst




Colorado Springs, Colorado, United States


Are you looking for an opportunity to support the United States Department of Defense systems to ensure they are secure and reliable? Our Enterprise and Cyber Solutions Defense team is looking for an experienced Security Operations Center (SOC) Analyst to work with our N2NOMS program which is situated in Colorado Springs, CO.

Our customer maintains a highly demanding mission and requires our support to provide expert technical and professional management support to the commands enterprise Information Technology (IT) services. The Security Operations Center Analysts will support a program that provides sustainment, maintenance, problem and change management services to help ensure secure, reliable, and uninterrupted availability of the Department of Defense IP networks. Security Operations Center Watch Analysts provides 24x7 support to monitor and implement cyber threat mitigation and to obtain steps that an adversary must go through to achieve their goal.

This position will report directly to the Cyber Security Operations Watch Lead, with regular interaction with the Cyber Security Manager and government POCs.

Salary: $70,000 - $75,000.00

Rotating Shift Schedule:

Standard Panama (2 days on, 2 days off, 3 days on, 2 days off, 2 days on, 3 days off)

12 hour shifts (6am - 6pm) with switch from Day/Night.

Active Clearance Required: You must currently hold an active United States DOD Secret clearance and be eligible to successfully obtain TS/SCI.

What will you do in this role?

  • Work independently to achieve day-to-day objectives with significant impact to the overall NORAD/USNORTHCOM Government mission.

  • Able to monitor, review and interpret traffic provided by Splunk and Trellix ESS dashboard alerts

  • Evaluate the network to identify potential issues of network, system, and cyber threat activity.

  • Recommend appropriate countermeasures to deter and stop cyber threats.

  • Conduct cyber vulnerability analysis and response.

  • Enact and execute downward directed Defensive Cyber Operations actions/orders.

  • Able to review and evaluate Cyber Protection Condition (CPCON) and Tailored Response Options (TRO).

  • Ensure access to the NOC and the CWOC-DCO watch.

  • Provide expertise on technical and mission impact assessments and liaise with the several technology areas, CWOC and JCC for all Cybersecurity related incidents.

  • Conduct technical course of action analysis for cyber threat response based on vulnerabilities, architecture, and defense in depth strategies in place.

  • Determine which action analysis are appropriate.

  • Report any security vulnerability produced as a result of the implementation of defensive cyber efforts to the CWOC.

  • Provide and compile daily reports to track new and ongoing issues, status of implementation of solutions, results of various analysis, activities, observations, and determine upcoming actions

  • Monitor systems and directives, and ensures compliance.

  • Develop appropriate tactics, techniques, and procedures (TTPs) for response to cyber threats, cyber security, and access-related incidents, downward directed tasks, and insider threat triggers.

These Qualifications are Required:

  • Bachelor’s degree and 2+ years relevant experience or a Master’s degree with less than 2 years of experience. Additional years of applicable experience will be accepted in lieu of degree.

  • Current Secret clearance with ability to obtain TS/SCI and maintain it.

  • Must currently hold active DOD IAT II certification, Security+ce, equivalent or higher.

  • Ability to obtain Cybersecurity Analyst (CySA+) within 6 months.

  • Willingness to work on Panama schedule, rotating 12 hour shifts.

  • Experience recommending additional security requirements and safeguards.

  • Desire to work in SOC, Vulnerability management, Security Information Event Management, on a long term basis.

These Qualifications are Preferred:

  • Familiarity with NORAD/USNORTHCOM systems.

  • DoD 8570 IAM III Certification (CISSP, CISM, etc.)

  • Experience in development of end user operating manuals and documentation.

  • Familiarity with Virtualization, particularly VMware Horizon/Nutanix AHV

  • DISA Trellix ESS 201, 301 or 501 certificates

  • Splunk Core User Certifcation

  • Experience with Trellix ESS


Original Posting Date:


While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.

Pay Range:

Pay Range $53,950.00 - $97,525.00

The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.