Leidos has a current job opportunity for a Cybers Security Operations Lead on the DISA GSM-O II program in Pearl Harbor, HI.

Cyber Operations is responsible for monitoring and analyzing the security posture of networks, servers, endpoints, and other systems. Activities include detection, mitigation, response, and reporting of cyber incidents using a combination of technology solutions and processes to ensure security issues are addressed quickly on discovery.

Responsibilities may include collecting and analyzing intelligence to correlate adversary tactics, techniques, and procedures, investigating computer and information security incidents, conducting network and host analysis, intrusion and threat hunting support, maintaining proficiency in operation tools, creating countermeasures, and identifying trends in adversary behaviors and vulnerabilities. Responsible for operational planning in support of training, exercises, operations, and coordination of integrated cyber operations by targeting hostile adversary activities and capabilities.

Position Summary:

The team’s mission is to provide robust cybersecurity services for the Department of Defense Information Network (DoDIN). This is achieved through the continuous execution of the Protect, Detect, Respond, and Sustain functions of a Cyber Security Services Provider (CSSP). As Cybersecurity Operations Lead, you will ensure your team effectively monitors, analyzes, responds to, and reports threats in real-time to safeguard critical networks and infrastructure. Your responsibilities will extend beyond individual analysis and encompass the management and performance of your entire team.

Primary Responsibilities:

• Ensure Mission Coverage:

Manage your team’s schedule to ensure uninterrupted operational support, 24/7/365, modifying shifts as needed to meet staffing requirements.

• Oversee Incident Response:

Guide the team in real-time monitoring of security tools (SIEM, IDS, etc.), ensuring immediate and accurate identification, analysis, triage, and reporting of cybersecurity events.

• Technical Guidance:

Serve as the primary technical leader for the team. Mentor analysts in advanced analysis of network traffic, packet captures, and logs to identify threats and anomalous activity.

• Threat Intelligence Integration:

Ensure the team understands and applies knowledge of adversary tactics, techniques, and procedures (TTPs), leveraging frameworks like MITRE ATT&CK and the Cyber Kill Chain to characterize and prioritize incidents.

• Quality Assurance:

Review incident reports, situation awareness reports, and all other products created by the team to ensure they are accurate, well-documented, and actionable for leadership and mission partners.

• Knowledge Management:

Enforce disciplined use of knowledge management tools for all incident handling and shift transitions. You are responsible for the quality and completeness of the data your team enters.

• Process Documentation:

Lead the team in creating, reviewing, and updating operational documentation, including Standard Operating Procedures (SOPs), Tactics, Techniques, and Procedures (TTPs), and Quick Reference Guides (QRGs), on a quarterly basis.

• Professional Growth:

Identify skill gaps on the team and facilitate continuous learning by encouraging participation in training, development of automation workflows, and professional development to keep the team current with new threats and tools.

• Stakeholder Interface:

Act as the primary point of contact between your team and government leadership, other DISA divisions, and external customer agencies.

• Situational Awareness:

Provide clear and timely information to leadership on the state of Network Assurance, articulating emerging trends and the impact of cyber events.

• Collaboration:

Foster a collaborative environment within your team and across shifts. Ensure seamless coordination with inspection teams, Cyber Protection Teams (CPTs), and customer incident responders.

Basic Qualifications:

• Related Bachelor’s degree and 8+ years of prior relevant experience; higher-level Cyber certifications may be substituted in lieu of degree.
• DoD 8140 Program Manager 801 Intermediate-level compliance, to include one of the following certifications: SecurityX / CASP+, CGRC/CAP, or DAWIA PM Practitioner.
• Must have DoD Secret security clearance to start on the program
• Must be a U.S. Citizen
• Experience providing guidance and direction to a team of 15+ with project and time management skills
• In-depth understanding of advanced cybersecurity concepts and processes with experience applying them with little to no guidance
• Ability and willingness to support occasional shift work as needed
• Experience using the following key technologies: Splunk and Elastic as Security Information & Event Management (SIEM) tools, Networking Monitoring & Security (NMS), Firepower Intrusion Detection System (IDS), Microsoft Defender for Endpoint & Sentinel , Microsoft Power Suite (Apps, BI, Automate), Wireshark, MITRE ATT&CK Framework, Zero Trust Architecture
• Familiarity with the following: Networking Monitoring & Security (NMS), Cisco Firepower Intrusion Detection System (IDS)
• Motivated self-starter with strong written and verbal communication skills and the ability to translate complex technical reports on analytic findings for a non-technical audience
• Demonstrated hands-on experience managing high volumes of logs, network data, and other artifacts in support of incident investigations and a high standard for attention to detail

Preferred Qualifications:

• Bachelor’s or Master’s degree in Cybersecurity
• Do

D Top Secret security clearance:

If you're looking for comfort, keep scrolling. At Leidos, we outthink, outbuild, and outpace the status quo — because the mission demands it. We're not hiring followers. We're recruiting the ones who disrupt, provoke, and refuse to fail. Step 10 is ancient history. We're already at step 30 — and moving faster than anyone else dares.

Original Posting:

April 15, 2026

For U.S. Positions: While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.

Pay Range:

Pay Range $107,900.00 - $195,050.00

The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.