Cyber Security Watch Officer
Company: Leidos
Location: Odenton
Posted on: April 1, 2026
|
|
|
Job Description:
The Leidos Digital Modernization Sector has a current job
opportunity for a Mid-Shift Cyber Security Watch Officer (CSWO) at
Ft. Meade, MD POSITION SUMMARY: Serve as a Cyber Security Watch
Officer (CSWO) on the DISA GSM-O II program supporting the DISA
Joint Operations Center (DJOC) Network Assurance team. CSWOs are
principally engaged in the triage of events, cyber incident
handling, network analysis and threat detection, trend analysis,
metric development, vulnerability information dissemination, and
the DoD Cyber Security Service Provider (CSSP) methodology. This
position offers a compressed workweek (10 hour/day 4 days on 3 days
off) on a set Sunday through Wednesday or Wednesday through
Saturday schedule. (Day-shift hours: 5am-3pm. Swing-shift hours:
1pm-11pm. Mid-shift hours 9pm-7am). PRIMARY RESPONSIBILITIES:
Support the DJOC Battle Captain with all Cyber Defense and Network
Assurance issues to include making recommendations regarding
Indicators of Compromise (IOC), malicious cyber activity, and the
overall security posture of our networks. Provide technical
oversight of information security services and customer support
initiatives, by Updating DoD shared SA and knowledge management
(KM) tools, including CMDNet, websites, blogs, and wikis, chat,
collaboration tools, and portals. Consume and analyze operational
reporting from cyber organizations; prepare and deliver daily
situational awareness and operational update briefings, through the
by coordinating with other cyber elements to obtain information for
slide, briefings, presentations, or other SA products. Report DCO
and incident management responses to network intrusions, malware,
and other cyber events. Maintain awareness of all pertinent
directives, orders, alerts, and messages to include the preparation
and delivery of daily situational awareness and operational update
briefings to DISA Senior Leadership. Oversee all network defense
operations and be familiar with the operations process flow and
execution. Coordinate and collaborate with internal DISA elements
and mission partners to share the understanding and impact of
day-to-day malicious cyber activity. Identify problems, determine
accuracy and relevance of a broad range of technical information.
Use sound judgment to generate, evaluate, and execute alternative
courses of action. Produce timely, effective, decision-quality
technical recommendations to support senior leadership. Coordinate
and ensure DoD incident handling reporting procedures are adhered
to in accordance with (IAW) DoD, CJCS, USCC, and DISA guidance,
regulations, and directives. Review Commander Joint Chiefs of Staff
Manual (CJCSM) 6510: Cyber Incident Handling Program. Serve as
Senior Defensive Cybersecurity SME during 24x7 operations. Requires
the ability to think independently and make
decisions/recommendations which will have an immediate effect on
the security of our networks. BASIC QUALIFICATIONS: Must hold a BA
degree and 4 years of experience. Additional experience may be
accepted in lieu of degree. Must have an active Top Secret/SCI
security clearance. Must have a DoD-8570 IAT Level 2 baseline
certification (Security CE or equivalent) to start and must obtain
CSSP-A certification within 180 days of start date. CND experience
(Protect, Detect, Respond and Sustain) within a Computer Incident
Response organization. Requires a deep understanding and the
ability to apply cyber security related principles, theories, and
concepts. Demonstrated understanding of the life cycle of network
threats, attacks, attack vectors and methods of exploitation with
an understanding of intelligence driven defense and/or Cyber Kill
Chain methodology. Work independently and as part of a team to
develop solutions to issues that are unclear and require deep
technical knowledge. Experience in a 24x7 environment. This
includes mentoring, training, and reviewing the work performed by
more junior personnel. Experience recognizing situational awareness
indicators and executing judgment of potential impact on mission
operations. PREFERRED QUALIFICATIONS: Prior Military IT or IC
Experience Hands on Experience working with DoD Networks including
NIPR and SIPR Willing to perform Shift Work – Mid-shift hours:
9pm-7am. Wednesday-Saturday Performs well under pressure and has
the ability to Multitask. Motivated, initiative driven person with
strong written and verbal communication skills, replying to
official communications via email or phone, with the ability to
report or speak to complex technical reports on analytical
findings. Demonstrated understanding of the life cycle of
cybersecurity threats, attacks, attack vectors and understanding of
intrusion set tactics, techniques, and procedures (TTPs) If you're
looking for comfort, keep scrolling. At Leidos, we outthink,
outbuild, and outpace the status quo — because the mission demands
it. We're not hiring followers. We're recruiting the ones who
disrupt, provoke, and refuse to fail. Step 10 is ancient history.
We're already at step 30 — and moving faster than anyone else
dares. Original Posting: March 23, 2026 For U.S. Positions: While
subject to change based on business needs, Leidos reasonably
anticipates that this job requisition will remain open for at least
3 days with an anticipated close date of no earlier than 3 days
after the original posting date as listed above. Pay Range: Pay
Range $87,100.00 - $157,450.00 The Leidos pay range for this job
level is a general guideline only and not a guarantee of
compensation or salary. Additional factors considered in extending
an offer include (but are not limited to) responsibilities of the
job, education, experience, knowledge, skills, and abilities, as
well as internal equity, alignment with market data, applicable
bargaining agreement (if any), or other law.
Keywords: Leidos, Catonsville , Cyber Security Watch Officer, IT / Software / Systems , Odenton, Maryland
