ASAAS

We simplify payment collection for individuals, MEIs and large companies.

SOC Analyst – Mid-level

Security Operations | Full Time | Remote | Senior | Team 501-1,000 | Since 2010 | H1B No Sponsor

Location

Brazil

Posted

6 days ago

Salary

0

Seniority

Senior

Bachelor Degree | Portuguese | Cloud

Job Description

  • Monitor, triage and enrich low-, medium- and high-complexity security alerts generated by the SIEM
  • Analyze logs from multiple sources: ZTNA, EDR/XDR, Cloud, Databases, DLP, WAF and CSPM
  • Conduct detailed analyses of alerts and security events, correlating multiple indicators before concluding an investigation
  • Investigate and respond to cyber incidents, proposing corrective and preventive actions
  • Manage ticket workflow, ensuring proper logging, follow-up and escalation when necessary
  • Develop, review and improve playbooks, runbooks and Standard Operating Procedures (SOPs)
  • Provide structured feedback to Detection Engineering regarding required use cases and rule tuning
  • Identify monitoring gaps and proactively propose new SIEM use cases based on the MITRE ATT&CK framework, business-relevant TTPs, critical assets and emerging industry threats
  • Actively contribute to Cyber Threat Intelligence (CTI) and threat hunting activities
  • Drive continuous SOC improvement through automation and process optimization
  • Produce technical and management reports on security status and handled incidents
  • Support compliance with standards and regulations: PCI-DSS, ISO 27001, LGPD and BACEN regulations
  • Support internal audits by providing evidence and technical documentation

Job Requirements

  • Solid experience in SOC operations, triage and incident response
  • Hands-on expertise with SIEM: creating queries, alert analysis and event correlation
  • Knowledge of tools: EDR/XDR, ZTNA, DLP, WAF, CSPM
  • Familiarity with the MITRE ATT&CK framework applied to detection and investigation
  • Regulatory knowledge: PCI-DSS, ISO 27001, LGPD, BACEN
  • Ability to produce technical documentation and reports
  • Analytical and detail-oriented profile: ability to examine security events in depth, challenge hypotheses and support conclusions with concrete evidence
  • Ability to propose and structure monitoring use cases, translating suspicious behaviors into identified threats and actionable SIEM detection rules

Benefits

  • Medical and dental insurance with no co-pay
  • Life insurance
  • Medication purchase allowance
  • Fitness allowance
  • Partnership with Neon for employee financial wellness
  • Zenklub for mental and physical health (4 free sessions monthly for therapy or nutrition consultations)
  • Free food at the office
  • Childcare assistance
  • Parental support program
  • Extended maternity and paternity leave
  • In-company training platform
  • Education assistance subsidizing 70% of tuition fees for degree and language courses, and for course and book purchases
  • Home office allowance
  • Work equipment provided
  • Furniture allowance
  • Partnership with WOBA for coworking spaces across Brazil
  • Birthday day off
  • Happy hour allowance
  • Referral bonus for new hires
  • Performance-based annual bonus
  • Stock options plan
  • Casual, relaxed work environment (no dress code)

More Security Operations Jobs

Role Description

We are looking for a Security Operations Analyst (SOC Analyst) responsible for continuously monitoring the security of the company’s devices and systems, investigating security incidents, and generating periodic reports to support our compliance and operational security initiatives. The person will primarily work with tools from the Microsoft ecosystem, including Microsoft Defender, Intune, and Entra ID, ensuring compliance with internal policies and contributing to compliance initiatives such as SOC 2 Type II.

  • Monitor security alerts and events on a daily basis using Microsoft Defender and other security tools.
  • Investigate suspicious activities, incidents, and anomalies on endpoints and corporate accounts.
  • Document security incidents and follow up on corrective actions.
  • Generate biweekly and monthly reports on:
      • Detected incidents
      • Relevant alerts
      • Policy compliance
      • Corporate device status
      • Security metrics
  • Verify compliance with corporate policies on laptops and assigned devices.
  • Monitor access controls, MFA, and user activity.
  • Collaborate with internal audits and compliance processes.
  • Maintain evidence and documentation required for SOC 2 audits.
  • Participate in periodic reviews of access permissions and corporate assets.
  • Escalate critical incidents according to established procedures.
  • Propose continuous improvements in security controls and monitoring.

Qualifications

  • Experience in security monitoring or cybersecurity operations.
  • Knowledge of:
      • Microsoft Defender for Endpoint
      • Microsoft 365 Security
      • Microsoft Entra ID
      • Microsoft Intune
  • Basic to intermediate knowledge of:
      • SIEM
      • Incident management
      • Endpoint security
      • Access control
      • MFA
      • Endpoint hardening
  • Experience documenting incidents and generating executive reports.
  • Familiarity with security standards or frameworks such as:
      • SOC 2
      • ISO 27001
      • NIST, preferred
  • Intermediate English required.
  • Ability to:
      • Read technical documentation
      • Participate in basic meetings in English
      • Write simple reports
      • Communicate with international clients or vendors

Requirements

  • 2+ years in roles related to:
      • SOC
      • Cybersecurity
      • IT security
      • Security operations
      • Microsoft security administration

Preferred Certifications

  • Microsoft SC-200
  • Microsoft SC-300
  • Security+
  • AZ-500
  • SOC Analyst certifications

Benefits

  • Remote and flexible work environment.
  • Participation in real compliance and security initiatives.
  • Professional growth opportunities in cybersecurity.
  • Work with modern technologies from the Microsoft ecosystem.
  • Exposure to international audit and compliance processes.

Ecuador
Job Closed
Full Time | Remote | Team 51-200 | H1B Sponsor

  • Work cross-functionally with Information Security Operations and Infrastructure/DevOps teams, to administer and optimize security posture across multi-cloud (GCP/AWS) infrastructure, including native security services, IAM, logging, and threat detection
  • Triage and respond to cloud security alerts and vulnerabilities; implement timely mitigations, configuration changes, and patches
  • Own configuration and hygiene for cloud security consoles (examples: GCP Security Command Center, Cloud Logging, Cloud Armor, KMS, IAM, etc.)
  • Partner with DevOps to implement secure baseline configurations and guardrails (network segmentation, least privilege, encryption, key management, secrets handling, egress controls), in alignment with industry standard frameworks such as CIS, NIST 800-53, OWASP Top 10, etc.
  • Run day-to-day vulnerability workflows: detection, prioritization, remediation, and validation across cloud services, hosts, containers, and third-party dependencies
  • Manage and harden security configurations for Kubernetes Engine environments, including: Cluster and node security settings, RBAC, pod security controls, network policies, admission controls, and runtime security, Image vulnerability scanning, container supply-chain controls, patch cadence and version lifecycle management for clusters/nodes and supporting components
  • Support secure implementations/integrations of AI within cloud infrastructure, including: Data protection controls (PII/PHI handling, encryption, retention, audit logging)
  • Network controls (private connectivity where feasible, egress restrictions, proxying, allowlists)
  • Usage monitoring, abuse prevention, and security reviews for AI-driven features/workflows
  • Contributing to internal AI security standards (prompt/data handling guidance, logging strategy, third-party risk considerations)
  • Work cross-functionally with IS Risk and Compliance team to produce evidence and reporting to support internal security requirements and external compliance obligations (e.g., SOC 2 / ISO-aligned controls, healthcare and privacy expectations)
  • Participate in security incident response for cloud-related events, including containment and recovery actions
  • Other duties as assigned

Alaska + 1 more. All locations: Alaska | Hawaii

Operations Security Data Release Support Specialist

Leidos

Leidos is an innovation company rapidly addressing the world’s most vexing challenges in national security and health.

Part Time | Remote | Team 10,001+ | Since 1969 | H1B Sponsor

Role Description

The NISC IV program at Leidos is seeking an Operations Security Data Release Support Specialist to provide support to the Federal Aviation Administration (FAA) System Operations Security Group. Support will require you to assist the government in addressing a broad range of NAS Data Release Board (NDRB) issues associated with protection of sensitive flight data (SFD) and operations security (OPSEC) issues associated with air traffic control, airspace restrictions, SFD identification and protection, Standard Operating Procedures Development, FAA Prohibitions, Restrictions, and Notices (PRN), Limiting Aircraft Data Displayed (LADD) program, and data release issues associated with integration of unmanned aerial systems (UAS) in the NAS. You will support the development of solutions to complex air traffic management (ATM) operations security and data release projects and programs for NAS stakeholders.

  • Support the OPSEC, privacy, and data release procedures and policies of the FAA as they pertain to the security of the NAS.
  • Maintain and publish the Limiting Aircraft Data Displayed (LADD) program database.
  • Support during development and writing of OPSEC and data release policy and procedures for sensitive military and law enforcement flight operations, flight data identified as Sensitive Unclassified Information (SUI) and Controlled Unclassified Information (CUI), and aircraft privacy programs through Document Change Proposals (DCPs) for FAA Orders; Notices to Airmen (NOTAMs); Memorandums of Agreement (MOAs), Letters of Agreement (LOAs), and/or other written documents as required.
  • Respond to security-related issues such as Sensitive Flight Data, call sign requests, LADD Program, Sensitive FAA Publications and Orders, FOIA requests, PRN site requests, and other security related issues.
  • Systematically gather and analyze information and manage privacy, operations security (OPSEC), and flight data protection risks and associated mitigations for Federal, State, and Local law enforcement and other government agencies.
  • Technical support for meetings and direct interface with government and law enforcement agencies and other NAS stakeholders regarding OPSEC, privacy, and NAS data release requirements.
  • Updates to Sensitive Flight Data (SFD) and/or LADD program identification and protection data for use by FAA data release programs.
  • Be the focal for coordinating, updating, and development of AJR-2 internal SOP’s.
  • Provision of other written products to the government when required.
  • Support for related briefings regarding OPSEC and NAS data release issues for public, local, state and federal stakeholders when required.
  • Support J-CAT operations and development of J-CAT procedures, work tools, and templates.

Qualifications

  • Bachelors degree and 12 – 15 years of prior relevant experience or Masters with 10 – 13 years of prior relevant experience or if no degree, additional related work experience can be substituted.
  • Knowledge of FAA NAS security processes and information systems.
  • Experience managing Sensitive Flight Data.
  • Excellent oral and written communication skills and ability to handle multiple tasks and deadlines.
  • Skill in communicating at the senior leadership level within the FAA and external entities requesting approval for release of FAA NAS data.
  • Experience with Microsoft Office and Adobe Acrobat Pro.
  • Must be familiar with J-CAT Operations and enterprise level responses to natural disasters and other significant incidents affecting the NAS.

Preferred Qualifications

  • Familiarity with FAA NAS data systems including ADS-B and secondary surveillance radar data, and SWIM data systems.
  • Familiarity with FAA Prohibitions, Restrictions, and Notices (PRN).

Original Posting

June 2, 2026

For U.S. Positions: While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.

Pay Range

$116,350.00 - $210,325.00

The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.

United States
$116.4K - $210.3K / year
Job Closed
Full Time | Remote | Team 1,001-5,000 | Since 1886 | H1B Sponsor

  • Work with the technical lead on cybersecurity project scopes
  • Work with Team to develop strategy and timeline to meet project’s milestones and deliverables
  • Participate in network design, security architecture, and diagrams
  • Participate in hardware, software, and communications media specification
  • Participate in device configurations and hardening for security compliance and Risk Management
  • Work with Team to ensure timely delivery of high-quality cybersecurity documentation including security policies and procedures, RMF artifacts, configuration guides, testing reports, and training materials
  • Participate in cybersecurity assessments including vulnerability and compliance scanning and reporting
  • Participate in S&C’s Information Security program as it applies to customer facing services
  • Must be able to work independently in a fully remote environment
  • Ability to relay technical information to non-technical audiences
  • Function effectively within a global teams environment and under minimal supervision
  • Ability to travel internationally and out of state on average 4-5 times per year for 1-3 weeks per trip
  • Maintains regular and punctual attendance.
  • Attends in-person or virtual meetings as requested or required.
  • Communicates effectively and respectfully with others.
  • Other responsibilities as assigned.

Illinois
$73.9K - $97.9K / year
Job Closed