Cybersecurity Analyst Intern
The Digital Modernization Group at Leidos has an opening for a Cybersecurity Analyst intern for the Global Solutions Management – Operations II (GSM-O II) contract. This contract includes the Operations, Sustainment, Maintenance, Repair and Defense of the Defense Information System Network (DISN) within the DOD Information Network (DODIN) in support of the Defense Information Systems Agency (DISA). This position requires onsite support and is located at Hill AFB Utah.
Leidos is a worldwide defense, intelligence, homeland security and advanced technology company. Our program GSM-O is a United States Government program chartered to provide worldwide Defense Information System Network services to the Department of Defense and national security organizations.
Job Summary: We are looking for highly motivated, driven, capable candidates to join our GSM-O team and support our Cybersecurity/Network Assurance team!
Duties: Perform cyber threat intelligence analysis, correlate actionable security events, perform network traffic analysis using raw packet data, net flow, IDS, IPS and custom sensor output as it pertains to the cyber security of communications networks, and participate in the coordination of resources during incident response efforts.
PRIMARY RESPONSIBILITIES:
Review DoD and open-source intelligence for threats.
Identify Indicators of Compromise (IOCs) and integrate those into sensors and SIEMs.
Utilize alerts from endpoints, IDS/IPS, Netflow, and custom sensors to identify compromises on customer networks/endpoints. Review log files, pivots between data sets, and correlates evidence for incident investigations.
Must be comfortable working in a HIGHLY collaborative environment.
Able to articulate findings, updates, and analysis.
Motivated self-starter with strong written and verbal communication skills.
Must be able to create complex technical reports on analytic findings.
WORK SCHEDULE:
Mon-Friday 0600-1500
BASIC EXPERIENCE, SKILLS, AND QUALIFICATIONS:
Current enrollment in an Associate’s, Bachelor's or Master’s program in Cybersecurity or related discipline is required.
Excellent written/verbal skills with the ability to interpret and author well-formed documents.
Demonstrated commitment to training, self-study and maintaining proficiency in the technical cybersecurity domain.
Understanding of TCP/IP, common networking ports and protocols, traffic flow, system administration, OSI model, defense-in-depth and common security elements.
Understanding of any of the following: Anti-Virus, HIPS, IDS/IPS, Full Packet Capture, Host-Based Forensics, Network Forensics.
Familiarity or knowledge of malware analysis concepts and methods.
Familiarity or knowledge of Intelligence Driven Defense, Cyber Kill Chain methodology, and/or MITRE ATT&CK framework.
Ability to obtain a Secret clearance is required to start (selected candidates will be sponsored for required clearance).
Must be a US Citizen to qualify.
Work must be performed on Hill AFB, Utah.
To be considered for this internship, candidates must not have graduated prior to May 2025. Candidates must be actively enrolled in a degree plan that extends into fall 2025.
PREFERRED EXPERIENCE, SKILLS, AND QUALIFICATIONS
Security+ and/or CySA+ certifications.
Academic knowledge of CND domains (Protect, Detect, Respond and Sustain).
Understanding of Computer Incident Response organizations or Security Operations Centers.
Familiarity of an enterprise SIEM platform like Splunk or Elastic.
Unix/Linux command line experience.
Detail oriented.
Scripting and programming experience.
Highly engaged and willing/able to collaborate with other analysts.
Emotional Intelligence.
ADDITIONAL INFORMATION:
Obtaining a CompTIA Security+ certification (or IAT Level II equivalent) to join the team plus a CSSP-Analyst certification (CySA+, Pentest+, CEH, etc.) is required within 6 months of hire.