Cyber Fusion Analyst

Leidos, Inc.
Washington, United States of America
1 month ago

Role details

Contract type
Temporary contract
Employment type
Full-time (> 32 hours)
Working hours
Shift work
Languages
English
Experience level
Senior
Compensation
$ 195K

Job location

Remote
Washington, United States of America

Tech stack

Amazon Web Services (AWS)
Software System Penetration Testing
Azure
Cloud Computing
CompTIA Security+
Python
Knowledge Management
Open Source Intelligence
Kusto Query Language
Security Information and Event Management
Technical Data Management Systems
Scripting (Bash/Python/Go/Ruby)
Office365
MITRE ATT&CK
Cyber Threat Analysis
Cyber Warfare
Splunk

Job description

The Leidos Digital Modernization sector is looking for a Cyber Fusion Analyst to support a Defensive Cyber Operations (DCO) team in Washington, DC. This position is expected to become available in Summer 2026.

Our Cyber Fusion team provides mission-critical support to the customer's mission of protecting federal networked systems by integrating disparate intelligence, hunting telemetry, and vulnerability data into a single operational view. We bridge the gap between "knowing the threat" and "stopping the threat," ensuring that intelligence directly drives defensive actions.

This hybrid position is primarily on-site, with potential for up to 20% telework. While this position will primarily work during core hours (0600 - 1600), this position will be supporting a team of analysts working 24/7 rotating shifts (days, swings, nights). As such, occasional shift work or weekend work may be required to fill unexpected gaps in coverage.

  • Intelligence-Driven Defense: Synthesize external threat intelligence (TTPs, IOCs) with internal hunt telemetry to develop a comprehensive understanding of the adversary's impact on the enterprise.
  • Fusion Analysis & Reporting: Author high-impact "Fusion Reports" that blend technical forensics with strategic intelligence to brief senior leadership on trending threats and operational risks.
  • Advanced Correlation: Utilize SIEM and Threat Intelligence Platforms (TIP) to correlate global threat actor activity against internal sensor logs, identifying "low and slow" campaigns that span multiple mission sets.
  • Adversary Campaign Tracking: Maintain a living "Adversary Encyclopedia" by mapping internal discoveries to the MITRE ATT&CK framework to identify systemic defensive gaps.
  • Vulnerability-Intelligence Pairing: Analyze Vulnerability Disclosure Program (VDP) data alongside active threat reporting to prioritize patching efforts based on real-world exploitation trends.
  • Tactical Countermeasure Influence: Provide data-backed recommendations to Engineering and DCO teams to adjust firewall rules, EDR policies, and SIEM logic based on emerging fusion findings.
  • Indications & Warnings (I&W): Develop and refine custom analytics that provide "early warning" of adversary reconnaissance or pre-exploitation activity targeting the customer enterprise.
  • Continuous Knowledge Management: Maintain the "Single Source of Truth" for threat data, ensuring that Hunt, Intel, and Engineering teams are operating from a synchronized set of prioritized threats.

Requirements

  • Bachelor's Degree with 8+ yrs of experience or Master's Degree with 6+ yrs of relevant experience; additional years of experience may be substituted in lieu of degrees.
  • DoD 8570 IAT Level II/III: Must hold a certification such as CompTIA Security+, CASP+ CE, or CISSP.
  • DoD 8570 CSSP Analyst: Must hold a CSSP Analyst certification (e.g., CEH, CySA+) or obtain within 180 days.
  • Analytic Writing Mastery: Demonstrated ability to synthesize complex technical data into concise, non-technical executive briefings.
  • Framework Proficiency: Expert understanding of the Cyber Kill Chain, Diamond Model, and MITRE ATT&CK.
  • Security Clearance: Current DoD TS/SCI security clearance and ability to pass additional customer suitability screenings prior to start and maintain throughout employment.

PREFERRED SKILLS:

  • Fusion Center Experience: Previous experience working within a government or large-scale commercial Cyber Fusion Center (CFC) or Joint Operations Center (JOC).
  • Query & Scripting: Proficiency in SPL (Splunk) or KQL (Kusto) for data correlation; Python skills for automating intelligence ingestion and enrichment.
  • OSINT & Commercial Portals: Experience utilizing tools like Recorded Future, VirusTotal, or Mandiant Advantage to pivot from external indicators to internal threats.
  • Cloud Fusion: Familiarity with fusion analysis within AWS, Azure, or O365 environments, specifically correlating cloud-native audit logs.
  • Adversary Emulation: Basic understanding of Red Teaming or Penetration Testing methodologies to better predict adversary movement.


Benefits & conditions

Pay and benefits are fundamental to any career decision. That's why we craft compensation packages that reflect the importance of the work we do for our customers. Employment benefits include competitive compensation, Health and Wellness programs, Income Protection, Paid Leave and Retirement. More details are available at www.leidos.com/careers/pay-benefits.

About the company

Leidos is an industry and technology leader serving government and commercial customers with smarter, more efficient digital and mission innovations. Headquartered in Reston, Virginia, with 47,000 global employees, Leidos reported annual revenues of approximately $16.7 billion for the fiscal year ended January 3, 2025. For more information, visit www.Leidos.com.
