Cyber Supply Chain Risk & Threat Intelligence Analyst

Description

Leidos is seeking a Cyber Supply Chain Risk Management (C-SCRM) & Threat Intelligence Analyst to join our growing team, in support of Security Engineering Programs – Center for Information Systems Security (SEP-CISS). This C-SCRM Threat Intelligence Analyst role will support our Government customer’s Top Secret network and will work closely with that agency. Daily activities will include monitoring, analysis, and reporting of supply chain threats as it pertains to cybersecurity. As part of this role, the candidate must possess a strong understanding of cyber threat intelligence, supply chain risk management, and cybersecurity operations. Due to the sensitive & classified nature of this program, you will be required to work on-site in Arlington, VA.

Cyber Threat Intelligence (CTI) Responsibilities:

• Monitor and analyze threat intelligence feeds, vulnerability alerts, and indicators of compromise (IOCs) on both classified and unclassified systems.

• Develop and disseminate threat intelligence reports to appropriate personnel.

• Maintain regular awareness and tracking of cyber-relevant alerts, vulnerabilities, and intelligence reports and disseminate information to staff.

Cyber Supply Chain Risk Management (C-SCRM) Responsibilities:

• Assess third-party vendors, contractors, and suppliers for cybersecurity risks using open-source data and intelligence.

• Identify supply chain vulnerabilities, including risks related to hardware, software, and firmware to support acquisition decisions.

• Work with procurement and legal teams to ensure supply chain risk mitigations are integrated into contracts and vendor agreements.

• Maintain a vendor risk management database to inform future risk-based decisions

Reporting and Coordination:

• Provide weekly updates to cybersecurity leadership and staff.

• Develop supply chain risk reports and brief key stakeholders on potential security concerns.

Basic Qualifications:

• Active Top Secret clearance with ability to obtain SCI. (Position Requirement)

• Minimum 5 years in cyber threat intelligence, supply chain risk management, or cybersecurity operations.

• Security+ or equivalent relevant certification.

• Familiarity with one or more: MITRE ATT&CK, STIX/TAXII, SIEM tools, and cyber risk frameworks.

• Strong ability to interpret cyber intelligence to mission relevance.

• Ability to create and present briefings to staff and leadership as needed.

• Degrees are not required; experience and expertise are critical to this role.

• Highly effective teamwork and collaboration skills.

• Must be able to work independently on a project, seeing it from inception to completion.

• Must possess strong organizational skills and strong interpersonal skills to effectively relate to Leidos and customer needs.

Preferred Qualifications:

• Meets DOD 8140 IAT Level II Requirements

• Familiarity with supporting compliance within DoD cybersecurity policies: CNSS 1253, NIST 800-161, and other applicable frameworks.

For U.S. Positions: While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.

The Leidos pay range for this job level is a general guideline onlyand not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.