Insider Threat Monitoring Analyst Security Clearance
Job in
Ashburn, Loudoun County, Virginia, 20147, USA
Listed on 2026-07-14
Listing for:
Leidos
Full Time
position Listed on 2026-07-14
Job specializations:
-
IT/Tech
Cybersecurity, Information Security, Data Security, Network Security
Job Description & How to Apply Below
R
- Description The Department of Homeland Security (DHS), Customs and Border Protection (CBP) Cyber Security Directorate (CSD) Security Operations Center (SOC) is a US Government program responsible to prevent, identify, contain and eradicate cyber threats to CBP networks through monitoring, intrusion detection and protective security services to CBP information systems including local area networks/wide area networks (LAN/WAN), commercial Internet connection, public facing websites, wireless, mobile/cellular, cloud, security devices, servers and workstations.
The CBP SOC is responsible for the overall security of CBP Enterprise-wide information systems, and collects, investigates, and reports any suspected and confirmed security violations. Leidos is seeking an experienced Insider Threat Expert to join our team. As a member of this highly technical digital forensics team supporting U.S. Customs and Border Protection (CBP), you will be responsible for leading user activity monitoring activities, foreign service national monitoring, insider threat analysis, and investigating policy violations, data loss prevention (DLP) events, and sensitive data spillages.
Primary Responsibilities The candidate will be responsible for:
* Supporting the Cyber Defense Forensics and Insider Threat investigations using near real- time (when possible, based on tools) monitoring of DLP tools for potential data exfiltration attempts of CBP mission data or employee PII/SPII
* Support Office of Professional Responsibility (OPR), Office of Intelligence (OI), Office of the Inspector General (OIG) and Other Government Agencies in the investigation of CBP personnel operating with potentially malicious or alleged criminal intent.
* Actively monitor Foreign Service National (FSN) network activity for network misuse and policy violations.
* Support User Activity Monitoring (UAM) activities.
* Make recommendations for insider threat alert triggers and detections across various security tools and logging sources.
* Monitor CBP laptops and mobile devices traveling OCONUS for suspicious activity and policy violations.
* Provide investigative support for CBP's OPR-Cyber Investigations for media leak investigations by identifying all users who have received/sent, printed, copied, downloaded/uploaded, or accessed the leaked document.
* Provide recommendations for Information Spillage Incident Response efforts on handling and sanitization methods pursuant to industry best practices, NIST 800-88 recommendations, and Federal guidelines.
Basic Qualifications
* Requires BS degree and a minimum of 8 or more years of direct relevant experience.
* Requires an active and current CISSP certification
* Degree in computer science, IT, Information/Cyber Security field from an accredited college or university.
* Additional experience or applicable certifications acceptable in lieu of degree.
* Working knowledge of defense-in-depth principles, network/HW/SW security architecture, network topology, IT device integrity, and common security elements
* Effective communication skills with emphasis on attention to detail, ability to accurately capture and document technical remediation details, and ability to brief stakeholders on incident statuses, recovery and root causes.
* Demonstrable experience performing forensic analysis, digital media analysis, and in-depth system & network log analysis in support of forensic investigations.
* Ability to generate forensically sound cyber analysis reports detailing forensically sound analysis procedures, findings, and recommendations from incident investigations.
* Strong problem-solving abilities with an analytic and qualitative eye for reasoning under pressure.
* Experience with User Activity Monitoring products and platforms
* Experience with Endpoint Detection and Response (EDR) tools
* Must be able to report to the Ashburn VA office up to 5 days per week
* Must be have a US Citizenship
* Must have a Top Secret clearance
* Must be able to obtain and maintain a CBP BI clearance.
Preferred Qualifications Master’s degree from an accredited college or university in IT Management, Engineering, or related field
* SANS GREM…
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
Search for further Jobs Here:
×