Cyber Operations Countermeasures Engineer

Leidos has a current job opportunity for a Cyber Operations Countermeasures Engineer on the DISA GSM-O II program supporting the DISA Joint Operations Center (DJOC) embedded with DISA Headquarters, Fort Meade, MD. The candidate will support the DISA GSM-O II TN13 Defensive Cyber Operations (DCO) Branch. This position will provide leadership for defensive cyber operations activities and will be expected to actively engage with a variety of customers and mission partners, anticipating their needs, and delivering flawlessly.

POSITION SUMMARY:

GSM-O II provides network operations and cyber defense support to the Defense Information Systems Agency (DISA) in support of the Department of Defense (DoD) and Combatant Commands (CoCOMs).

PRIMARY RESPONSIBILITIES:

• Direct and track enterprise countermeasure actions and assess the effectiveness of countermeasures on an ongoing basis.
• Analyze high volumes of logs, network data (e.g. NetFlow, PCAP), and other attack artifacts in support of incident investigations.
• Understand the life cycle of network threats, attacks, attack vectors and methods of exploitation with an understanding of intrusion set tactics, techniques and procedures (TTPs).
• Collaborate with team members and Subject Matter Experts (SMEs) to create and validate countermeasures in accordance with (IAW) the DoDIN boundary defense posture.
• Maintain situational awareness of cyber activity by reviewing DoD, Intelligence Community and open source reporting for new vulnerabilities, malware or other threats that have the potential to impact the DoDIN.
• Support mission-critical Continuity of Operations (COOP).

BASIC QUALIFICATIONS:

• Must have an active and maintain a Top Secret/SCI clearance.
• BS degree and 4 + years of prior relevant experience in order to operate within the scope contemplated by the level. AA +6 years or 8 Years of work relevant expertise without degree.
• Must have a DoD-8570 IAT Level 2 baseline certification (Security+ CE or equivalent) to start and able to obtain CSSP-A certification within 180 days of start date. The candidate is required to maintain these certs during employment.
• Proficient understanding of Cyber Network Defense (CND) in regards to protect, detect, respond and sustain within a Computer Incident Response organization.
• Applying Various subnet techniques (e.g CIDR)
• Advanced understanding of TCP/IP, common networking ports and protocols, traffic flow, system administration, OSI model, defense-in-depth and common security elements.
• Knowledge of the common attack vectors at the network layer.
• Experience with receiving, analyzing, and troubleshooting, network alerts from various sources within the Enterprise to determine Root Cause.

PREFERRED QUALIFICATIONS:

• Experience with DISA and DoD Networks.
• Experience with malware analysis concepts and methods
• Use of Cyber Defense tools for continual monitoring and analysis of system activity to identify malicious activity.
• Providing timely identification and alerting of possible attacks/intrusions, anomalous activities and misuse activities and distinguish these incidents and events from benign activities.
• Skill in configuring and utilizing network protection components (e.g. Firewalls, VPNs, IPS, IDS, and NIDS)
• Advanced Certifications such as SANS GIACIAIH, CISSP or CASP.
• Experience in intelligence driven defense and/or cyber-Kill Chain methodology.

Original Posting:
June 2, 2025
For U.S. Positions: While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.

Pay Range:
Pay Range $85,150.00 - $153,925.00

The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.