Cyber Threat Intelligence Analyst

Description The Leidos Digital Modernization sector is looking for a Cyber Threat Intelligence Analyst to support a Defensive Cyber Operations (DCO) team in Washington, DC. This position is expected to become available in Summer 2026. Our team provides mission critical, 24/7 operational support to the customeru2019s mission of protecting federal networked systems and services from cyber threats impacting national security. We are looking for a self-starter who is capable of independently performing their daily tasks but also works well within a team that requires significant coordination and communication. This hybrid position is primarily on-site, with potential for up to 20% telework. While this position will primarily work during core hours (0600 u2013 1600), this position will be supporting a team of analysts working 24/7 rotating shifts (days, swings, nights). As such, occasional shift work or weekend work may be required to fill unexpected gaps in coverage. PRIMARY RESPONSIBILITIES: + Produce High-Value Intelligence: Lead the production of strategic, operational, and tactical intelligence reports to inform stakeholders of emerging threats, actor motivations, and potential impacts. + Adversary Characterization: Analyze adversary tactics, techniques, and procedures (TTPs) using frameworks likeMITRE ATT&CKto develop comprehensive profiles of Advanced Persistent Threats (APTs) relevant to the enterprise. + Intelligence Lifecycle Management: Drive the end-to-end intelligence cycle, including developing Priority Intelligence Requirements (PIRs), managing collection plans, and disseminating actionable intelligence to defensive teams. + Threat Modeling & Forecasting: Maintain proactive situational awareness by evaluating DoD, IC, and open-source reporting to forecast shifts in the threat landscape and identify systemic vulnerabilities before they are exploited. + Indicator Lifecycle Management: Evaluate the fidelity of Indicators of Compromise (IOCs) and Indicators of Behavior (IOBs); manage the ingestion, enrichment, and expiration of threat data within a Threat Intelligence Platform (TIP). + Support Hunt & DCO Operations: Provide the intelligence foundation for Hunt missions and Defensive Cyber Operations (DCO) by delivering

Created: 2026-04-04