Cybersecurity Capability Developer Senior

Join to apply for the Cybersecurity Capability Developer Senior role at Leidos

This range is provided by Leidos. Your actual pay will be based on your skills and experience — talk with your recruiter to learn more.

$104,650.00/yr - $189,175.00/yr

Leidos is seeking a detail-oriented and proactive Cybersecurity Capability Developer Senior to join our team in Huntsville, AL or Clarksburg, WV. The position will be part of an Enterprise Security Operations Center 24/7/365 Watch Floor team providing Threat Detection engineering. The position requires expertise in security analytics, data correlation, threat intelligence, and automation within a Security Information and Event Management (SIEM) platform or equivalent detection systems.

At Leidos, you'll join a team of innovators tackling some of the world's most critical challenges through cutting-edge technology and bold ideas. We foster a dynamic and collaborative environment where your expertise will directly contribute to mission success and the significance of your contributions will only be surpassed by the exceptional opportunities for your professional growth and advancement.

• Develop, implement, and maintain detection rules to identify malicious behaviors.
• Optimize detection efficacy by reducing false positives and increasing true positive rates.
• Document detection processes, methodologies, and workflows.
• Share insights and mentor team members on best practices in threat detection.
• Design, develop, and maintain cybersecurity tools, scripts, and capabilities that enhance operational effectiveness within the ESOC watch floor.
• Create automation solutions to streamline processes for threat detection, incident triage, response workflows, and reporting, ensuring faster and more efficient security operations.
• Integrate security technologies and data sources to improve detection, monitoring, and response capabilities.
• Continuously test and optimize developed capabilities, ensuring their functionality and efficiency during live security operations.

• Active Top-Secret Clearance with eligibility for SCI.
• US Citizenship.
• 5+ years of experience.
• Experience with Splunk Enterprise Security.
• Familiarity with all related aspects of cybersecurity operations and security architecture.
• In-depth knowledge of network and application protocols, cyber vulnerabilities and exploitation techniques, and cyber threat/adversary methodologies.

• Strong expertise in SIEM platforms and familiarity with query languages (e.g., SPL, KQL).
• Understanding of malware behaviors, threat actors, and attack tactics (MITRE ATT&CK).
• Experience with automation and scripting (e.g., Python, PowerShell).
• Ability to independently assess and improve detection rules.
• Excellent troubleshooting and documentation skills.
• Experience with Microsoft Sentinel.
• Experience with FBI, DHS, IC, and DoD Networks.
• Experience with mitigation development against malicious cyber activity.
• One of the following certifications:
• GIAC Continuous Monitoring Certification (GMON)
• GIAC Certified Incident Handler (GCIH)
• GIAC Certified Forensic Analyst (GCFA)
• GIAC Certified Intrusion Analyst (GCIA)
• GIAC Network Forensic Analyst (GNFA)
• GIAC Cloud Threat Detection (GCTD)
• GIAC Cloud Forensics Responder (GCFR)
• Certified Information Systems Security Professional (CISSP)

Original Posting: April 22, 2025

Pay Range: $104,650.00 - $189,175.00

The Leidos pay range is a general guideline only and not a guarantee of compensation or salary. Additional factors considered include responsibilities, education, experience, skills, and market data.

• Seniority level: Mid-Senior level
• Employment type: Full-time
• Job function: Information Technology
• Industries: IT Services and IT Consulting