Skip to main content
Posted July 13, 2026
Leidos

Insider Threat Monitoring Analyst

Ashburn, VA, US Full Time
$107900.00-$195050.00 per year

Description

The Department of Homeland Security (DHS), Customs and Border Protection (CBP) Cyber Security Directorate (CSD) Security Operations Center (SOC) is a US Government program responsible to prevent, identify, contain and eradicate cyber threats to CBP networks through monitoring, intrusion detection and protective security services to CBP information systems including local area networks/wide area networks (LAN/WAN), commercial Internet connection, public facing websites, wireless, mobile/cellular, cloud, security devices, servers and workstations.  The CBP SOC is responsible for the overall security of CBP Enterprise-wide information systems, and collects, investigates, and reports any suspected and confirmed security violations.

Leidos is seeking an experienced Insider Threat Expert to join our team. As a member of this highly technical digital forensics team supporting U.S. Customs and Border Protection (CBP), you will be responsible for leading user activity monitoring activities, foreign service national monitoring, insider threat analysis, and investigating policy violations, data loss prevention (DLP) events, and sensitive data spillages.

Primary Responsibilities

The candidate will be responsible for:

  • Supporting the Cyber Defense Forensics and Insider Threat investigations using near real- time (when possible, based on tools) monitoring of DLP tools for potential data exfiltration attempts of CBP mission data or employee PII/SPII
  • Support Office of Professional Responsibility (OPR), Office of Intelligence (OI), Office of the Inspector General (OIG) and Other Government Agencies in the investigation of CBP personnel operating with potentially malicious or alleged criminal intent.
  • Actively monitor Foreign Service National (FSN) network activity for network misuse and policy violations.
  • Support User Activity Monitoring (UAM) activities.
  • Make recommendations for insider threat alert triggers and detections across various security tools and logging sources.
  • Monitor CBP laptops and mobile devices traveling OCONUS for suspicious activity and policy violations.
  • Provide investigative support for CBP's OPR-Cyber Investigations for media leak investigations by identifying all users who have received/sent, printed, copied, downloaded/uploaded, or accessed the leaked document.
  • Provide recommendations for Information Spillage Incident Response efforts on handling and sanitization methods pursuant to industry best practices, NIST 800-88 recommendations, and Federal guidelines.

Basic Qualifications

  • Requires BS degree and a minimum of 8 or more years of direct relevant experience.
  • Requires an active and current CISSP certification
  • Degree in computer science, IT, Information/Cyber Security field from an accredited college or university.
    • Additional experience or applicable certifications acceptable in lieu of degree.
  • Working knowledge of defense-in-depth principles, network/HW/SW security architecture, network topology, IT device integrity, and common security elements
  • Effective communication skills with emphasis on attention to detail, ability to accurately capture and document technical remediation details, and ability to brief stakeholders on incident statuses, recovery and root causes.
  • Demonstrable experience performing forensic analysis, digital media analysis, and in-depth system & network log analysis in support of forensic investigations.
  • Ability to generate forensically sound cyber analysis reports detailing forensically sound analysis procedures, findings, and recommendations from incident investigations.
  • Strong problem-solving abilities with an analytic and qualitative eye for reasoning under pressure.
  • Experience with User Activity Monitoring products and platforms
  • Experience with Endpoint Detection and Response (EDR) tools
  • Must be able to report to the Ashburn VA office up to 5 days per week
  • Must be have a US Citizenship
  • Must have a Top Secret clearance
  • Must be able to obtain and maintain a CBP BI clearance.

Preferred Qualifications

Master’s degree from an accredited college or university in IT Management, Engineering, or related field

  • SANS GREM certification
  • Previous experience contributing to or leading insider threat investigations in support of Federal Government, DOD, or Law Enforcement environments.
  • Experience performing computer forensics in Federal Government, DOD or Law Enforcement environments.

If you're looking for comfort, keep scrolling. At Leidos, we outthink, outbuild, and outpace the status quo — because the mission demands it. We're not hiring followers. We're recruiting the ones who disrupt, provoke, and refuse to fail. Step 10 is ancient history. We're already at step 30 — and moving faster than anyone else dares.

Original Posting:

July 13, 2026

For U.S. Positions: While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.

Pay Range:

Pay Range $107,900.00 - $195,050.00

The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.

About Leidos

Leidos is an industry and technology leader serving government and commercial customers with smarter, more efficient digital and mission innovations. Headquartered in Reston, Virginia, with 47,000 global employees, Leidos reported annual revenues of approximately $16.7 billion for the fiscal year ended January 3, 2025. For more information, visit www.Leidos.com.

Pay and Benefits

Pay and benefits are fundamental to any career decision. That's why we craft compensation packages that reflect the importance of the work we do for our customers. Employment benefits include competitive compensation, Health and Wellness programs, Income Protection, Paid Leave and Retirement. More details are available at www.leidos.com/careers/pay-benefits.

Securing Your Data

Beware of fake employment opportunities using Leidos’ name. Leidos will never ask you to provide payment-related information during any part of the employment application process (i.e., ask you for money), nor will Leidos ever advance money as part of the hiring process (i.e., send you a check or money order before doing any work). Further, Leidos will only communicate with you through emails that are generated by the Leidos.com automated system – never from free commercial services (e.g., Gmail, Yahoo, Hotmail) or via WhatsApp, Telegram, etc. If you received an email purporting to be from Leidos that asks for payment-related information or any other personal information (e.g., about you or your previous employer), and you are concerned about its legitimacy, please make us aware immediately by emailing us at [email protected].

If you believe you are the victim of a scam, contact your local law enforcement and report the incident to the U.S. Federal Trade Commission.

Commitment to Non-Discrimination

All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law. Leidos will also consider for employment qualified applicants with criminal histories consistent with relevant laws.

Sign up for Job Alerts