Insider Threat Program Investigative Team Analyst

The Digital Modernization Sector at Leidos currently has an opening for a UAM Investigative Team Analyst supporting the HEITS Contract as part of the Department of Homeland Security (DHS) Insider Threat Program (ITP). This is an exciting opportunity to use your experience to support, sustain, design and evolve the database backbone of the ITP. The ITP mission is to identify insider threats to the department by utilizing advanced analytics, monitoring, and data correlation which in turn help address and eliminate potential threat actors from compromising the DHS mission in safeguarding the homeland.

The selected candidate will be responsible for the following:

• Examine, analyze, and search insider threat data to identify trends, patterns, and insights of potential insider threat indicators.

• Provide analytical, program support services related to the operation of UAM/ UEBA tool.

• Execute detailed and objective inquiry activities to assess behaviors suggestive of insider threat or misconduct.

• Utilize diverse data sources, analytical tools, and enterprise systems to identify behavior patterns and develop comprehensive inquiry reports and memoranda.

• Provide proactive insider threat-based investigations across the DHS enterprise network, leveraging methodologies and behavioral analytics to detect, investigate, and mitigate anomalous activity and policy violations indicative of malicious insider behavior.

• Recommend, coordinate, and facilitate mitigation actions in partnership with law enforcement, security, counterintelligence, human capital, and cybersecurity offices.

• Sustain personnel proficiency and knowledge development through cross-functional team rotations and documentation of best practices and standard operating procedures.

• Provide timely response to insider threat related events (within 4 hours during normal business hours and provide after-hour support). Normal business hours will be defined as 6am to 10pm Monday – Friday excluding weekends and scheduled holidays.  Implement corrective actions to restore normal operations and prevent recurrence. This position is expected to eventually move to shift work to meet the requirement of 24x7 operations at an undetermined later date.

Basic Qualifications:

• Bachelors degree and (12)+ years of prior relevant insider threat experience or Masters with (10)+ years of prior relevant experience. Additional years of experience with requisite certifications will be considered in leu of degree.

• Minimum of 6 years demonstrated knowledge of the intelligence cycle, processes, and organizations.

• Minimum 6 years demonstrated knowledge of various research tools and procedures and methods of analyzing, compiling, reporting and disseminating intelligence data and information.

• Minimum of 6 years demonstrated knowledge of research and analytical techniques as applied to difficult and complex assignments in security, law enforcement, and counterintelligence analysis.

• Minimum of 6 years demonstrated knowledge of Threat Assessment & Mitigation Strategies.

• Have excellent writing skills to compile investigative reports, memos and SOPs.

• Possess a strong background in recommending, coordinating and facilitating mitigation actions with stakeholders.

• Previous Law Enforcement Experience.

• Possess a strong analytical background.

• Have excellent written and verbal skills with ability to deliver briefings to a diverse group of audiences.

• Possess the ability to plan, coordinate, research and analyze all-source intelligence information for accuracy, timeliness, and relevance to mission.

• Possess knowledge of current domestic and international threats to U.S. national security interests.

• Be adept at establishing networks with relevant security, personnel, and prevention stakeholders to foster program utilization.

• Be a self-starter capable of working independently to promote program goals.

• Advanced knowledge of User Activity Monitoring Software (UAM) and solutions.

• Advanced knowledge of Cybersecurity toolsets designed to support ITP mission activities.

• Advanced Knowledge of Open-Source toolsets.

• Working Knowledge of Insider Threat Frameworks; Pathway to Violence & Critical Pathway.

• Current TS/SCI and Must be a US Citizen.

• Ability to obtain DHS EOD SCI and willingness to undergo CI Polygraph.

Preferred Qualifications:

• Master’s degree from an accredited college or university in Criminal Justice, Homeland security, Cyber Security, or related field 

• Proven experience (10+ years) in Intelligence Analysis  

• Experience with User Activity Monitoring products and platforms

• Credentialed Law Enforcement Officer/Investigator

• Certified Counter-Insider Threat Professional - Fundamentals (CCITP-F)

• Certified Counter-Insider Threat Professional - Analysis (CCITP-A)

• Completion of Center for Development of Security Excellence (CDSE) Insider Threat Detection Analysis Course (ITDAC)

• Completion of Workplace Assessment of Violence Risk (WAVR-21) Workshop

• Completion of Center for Development of Security Excellence (CDSE) Curriculums; INT311.CU/INT312.CU/CI201.CU

If you're looking for comfort, keep scrolling. At Leidos, we outthink, outbuild, and outpace the status quo — because the mission demands it. We're not hiring followers. We're recruiting the ones who disrupt, provoke, and refuse to fail. Step 10 is ancient history. We're already at step 30 — and moving faster than anyone else dares.

Original Posting:

August 27, 2025

Pay Range:

Pay Range $101,400.00 - $183,300.00

The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.