The Department of Homeland Security (DHS), Customs and Border Protection (CBP) Cyber Security Directorate (CSD) Security Operations Center (SOC) is a US Government program responsible to prevent, identify, contain and eradicate cyber threats to CBP networks through monitoring, intrusion detection and protective security services to CBP information systems including local area networks/wide area networks (LAN/WAN), commercial Internet connection, public facing websites, wireless, mobile/cellular, cloud, security devices, servers and workstations. The CBP SOC is responsible for the overall security of CBP Enterprise-wide information systems, and collects, investigates, and reports any suspected and confirmed security violations.
Leidos is seeking an experienced Insider Threat Expert to join our team. As a member of this highly technical digital forensics team supporting U.S. Customs and Border Protection (CBP), you will be responsible for leading user activity monitoring activities, foreign service national monitoring, insider threat analysis, and investigating policy violations, data loss prevention (DLP) events, and sensitive data spillages.
Primary Responsibilities
The candidate will be responsible for:
Basic Qualifications
Requires BS degree and a minimum of 8 or more years of direct relevant experience.
Requires an active and current CISSP certification
Degree in computer science, IT, Information/Cyber Security field from an accredited college or university.
Additional experience or applicable certifications acceptable in lieu of degree.
Working knowledge of defense-in-depth principles, network/HW/SW security architecture, network topology, IT device integrity, and common security elements
Effective communication skills with emphasis on attention to detail, ability to accurately capture and document technical remediation details, and ability to brief stakeholders on incident statuses, recovery and root causes.
Demonstrable experience performing forensic analysis, digital media analysis, and in-depth system & network log analysis in support of forensic investigations.
Ability to generate forensically sound cyber analysis reports detailing forensically sound analysis procedures, findings, and recommendations from incident investigations.
Strong problem-solving abilities with an analytic and qualitative eye for reasoning under pressure.
Experience with User Activity Monitoring products and platforms
Experience with Endpoint Detection and Response (EDR) tools
Must be able to report to the Ashburn VA office up to 5 days per week
Must be have a US Citizenship
Must have a Top Secret clearance
Must be able to obtain and maintain a CBP BI clearance.
Preferred Qualifications
Master's degree from an accredited college or university in IT Management, Engineering, or related field
If you're looking for comfort, keep scrolling. At Leidos, we outthink, outbuild, and outpace the status quo - because the mission demands it. We're not hiring followers. We're recruiting the ones who disrupt, provoke, and refuse to fail. Step 10 is ancient history. We're already at step 30 - and moving faster than anyone else dares.
Original Posting:
July 13, 2026
For U.S. Positions: While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.
Pay Range:
Pay Range $107,900.00 - $195,050.00
The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.