Talent.com
Insider Threat Engineer (Baltimore)

Maryland Staffing, Baltimore, MD, United States
Job type: Full-time

Insider Threat Engineer

Leidos is seeking a highly skilled and experienced Insider Threat Engineer to support and maintain an enterprise-wide insider threat detection and response program at the Social Security Administration (SSA). This position focuses on advancing the agency's capabilities in user activity monitoring (UAM), automation, data loss prevention (DLP-Trellix), and technical threat detection to prevent unauthorized disclosures, fraud, and abuse. The candidate will be instrumental in delivering analytical and engineering support to the Insider Threat Program Management Office (PMO) and may be required to deliver and receive sensitive briefings within SSA secured spaces such as the SCIF or approved alternate secure locations. Join a high-performing cybersecurity team responsible for safeguarding the agency's data and supporting the SSA's mission to serve over 65 million Americans monthly.

Your passion and values might be a good fit for our teams if you answer yes to the following questions:

  • Are you looking for a company that puts employees first, with a focus on career, flexibility, and well-being?
  • Do you enjoy collaborating with colleagues and teammates and believe that the best ideas are fostered in an inclusive environment?
  • Are you searching for a team with a strong sense of ownership, urgency, and drive for daily mission success?
  • Are you comfortable with proactive outward communication and technical leadership?
  • Do you enjoy being a catalyst, solving complex problems, and providing innovative solutions?
  • Do you have the flexibility, creativity, and resilience to pivot the mission for success?
  • Do you have the courage to make tough ethical decisions with pride, transparency, and respect?

Our teams are dedicated to supporting new team members in an environment that celebrates knowledge sharing and mentorship. Experienced team members will be assigned to new hires for one-on-one mentoring, collaborative reviews, and coaching on customer engagement to help each new hire successfully onboard and demonstrate their skills. Projects and tasks are assigned in a way that leverages your strengths and will help you further develop your skillset.

Every position we take is more rewarding when you know the why behind it. Know your work makes a difference to support those who need it most. If your passion is enabling life-changing service to those around you, this is the place for you. Find your passion in a team environment where all members are valued regardless of contractor or employee status. Find your Why with us and take your place in our Leidos Family!

Technical Engineering and Automation

  • Engineer, implement, and maintain User Activity Monitoring (UAM) and Data Loss Prevention (DLP) solutions, ensuring continuous visibility into user behavior and sensitive data usage.
  • Configure, maintain, and optimize Trellix endpoint security and DLP capabilities for insider threat use cases.
  • Experience leveraging Trellix DLP to detect and investigate insider threat behaviors, including sensitive data exfiltration, unauthorized file transfers, and anomalous user activity.
  • Automate detection, alerting, and reporting processes using Python, Ansible, or JSON to increase efficiency and accuracy.
  • Integrate UAM and DLP solutions with other enterprise cybersecurity tools (e.g., SIEM, SOAR, EDR, Trellix platform).
  • Develop dashboards and reports that highlight key insider threat indicators, anomalous activity, and program performance metrics.
  • Perform SOC related activities including monitoring, triaging, and investigating insider threat and DLP alerts to support timely detection and response.
  • Basic understanding of networking, cybersecurity principles, and experience with common security tools (e.g., firewalls, SIEM, DLP, endpoint security, vulnerability scanners).
  • Experience with Splunk for log analysis and developing use cases to support insider threat detection and reporting.
  • Demonstrated adaptability with an open mind toward learning new technologies and taking on challenging responsibilities in a dynamic environment.

Cyber Threat Detection & Analysis

  • Develop and refine methods to extract, analyze, and correlate data from SSA IT systems to proactively detect potential insider threats.
  • Monitor and analyze trends in cyber activity and anomalous behavior to assess risks to SSA's confidentiality, availability, and integrity.
  • Leverage feeds, incident reports, and threat briefs to assess relevance to SSA's environment and enhance the program's threat modeling capability.

Policy, SOP Development & Reporting

  • Prepare and present insider threat briefings to program leadership and executives, following agency writing and presentation standards.
  • Contribute to Insider Threat Work Status Reports with detailed analytics, visuals (charts / dashboards), and recommendations.

Foundation for Success (Basic Qualifications)

  • Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field.
  • Proven experience in cybersecurity, DLP Trellix or Palo Alto, or a related area.
  • Hands-on experience with Trellix Data Loss Prevention (DLP) for monitoring, detecting, and controlling sensitive data movement across endpoints, email, and network channels.
  • Good understanding of networking and firewall fundamentals, including how monitoring tools interact across segmented architectures.
  • Familiarity with Palo Alto Networks firewalls and their logging capabilities (useful for correlating user activity across layers).
  • Strong analytical and problem-solving skills; ability to make data-driven recommendations.
  • Excellent written and verbal communication skills, particularly in conveying technical insights to leadership.
  • Must be able to obtain and maintain a Public Trust. Contract requirement.
  • Selected candidate must be willing to work on-site in Woodlawn, MD 5 days a week.

Factors to Help You Shine (Required Skills)

  • Experience in using Splunk ES or enterprise Splunk is a plus.
  • Ability to make decisions based upon analysis of documentation.
  • Experience with endpoint monitoring tools, SIEM / SOAR integrations, and identity-based risk scoring.
  • Working knowledge of DLP, EDR, or behavioral analytics platforms in support of insider threat detection.
  • Experience working in a classified environment and delivering briefings in SCIF settings.
  • Understanding of NIST 800-53 as related to Insider Threat Programs.

How to Stand Out from the Crowd (Desired Skills)

  • Experience with federal regulatory requirements and compliance standards related to cybersecurity.
  • Knowledge of programming, Splunk automation, network and firewall operations.
  • Familiarity with security tools and technologies used for threat detection and analysis.
  • Security certifications (e.g., CISSP, CISM, CEH, CompTIA Security+) are a plus.

At Leidos, we deliver innovative solutions through the efforts of our diverse and talented people who are dedicated to our customers' success. We empower our teams and contribute to our communities. Everything we do is built on a commitment to do the right thing for our customers, our people, and our community. Our Mission, Vision, and Values guide the way we do business. Every position we take is more rewarding when you know the why behind it. Know your work makes a difference to support those who need it most. If your passion is enabling life-changing service to those around you, this is the place for you. Find your passion in a team environment where all members are valued regardless of contractor or employee status. We are excited for you to take your place in our Leidos Family.

Are you a US citizen, US resident, or Visa candidate and think you might fit? We recommend you apply and start the conversation today! Join us in supporting our SSA contracts in Woodlawn, Maryland.

At Leidos, we don't want someone who fits the mold; we want someone who melts it down and builds something better. This is a role for the restless, the over-caffeinated, the ones who ask, "what's next?" before the dust settles on what's now. If you're already scheming step 20 while everyone else is still debating step 2, good. You'll fit right in.

Original Posting: September 9, 2025

For U.S. Positions: While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.

Pay Range: $85,150.00 - $153,925.00

The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job,
