Insider Threat Program User Activity Monitor Sustainment SME

The Digital Modernization Sector at Leidos currently has an opening for a User Activity Monitor (UAM) Sustainment Subject Matter Expert supporting the HEITS Contract as part of the Insider Threat Program (ITP). This is an exciting opportunity to use your experience to serve as the senior technical lead managing the UAM tool and its hosted infrastructure. The ITP mission is to identify insider threats to the department by utilizing advanced analytics, monitoring, and data correlation which in turn help address and eliminate potential threat actors from compromising the Agency mission.

The selected candidate will be responsible for the following:

Serve as the subject matter expert on the User Activity Monitor Software solution, overseeing all updates, changes, deployments, and other sustainment activities. Support UAM maintenance activities to ensure proper functionality and deployment throughout the enterprise. Ensure all coverage gaps are resolved. Help the ITP analysts with requests for new configurations, feeds, and other UAM specific updates. Support all documentation to effectively capture the configuration baseline. Support training as directed by the customer to stakeholders on the usage of the UAM tool and ensure a certification program is in place for personnel development. Experience with endpoint agents, data collectors, and behavioral analytics modules Ability to design and tune UAM policies for risk-based monitoring and alerting Familiarity with session recording, keystroke logging, and screen capture workflows

Basic Qualifications:

• Bachelors degree and (12)+ years of prior relevant experience or Masters with (10)+ years of prior relevant experience 

• Prior Leadership Responsibilities

• Strong Everfox UAM tool Upgrade, maintenance, configuration, and operations experience.
• Experience with the User Activity Monitoring products and platforms
• Experience implementing STIGs and hardening UAM infrastructure
• Proficiency in integrating Everfox UAM with SIEM platforms (e.g., Splunk)
• Deep understanding of Everfox UAM architecture, deployment models, and policy configuration, to include G2CP and U10 deployments
• Ability to obtain DHS EOD SCI

Preferred Qualifications:

• Master’s degree from an accredited college or university in IT Management, Engineering, or related field 
• Proven experience (10+ years) in IT service delivery management 
• Expertise with User Activity Monitoring products and platforms
• Experience with Everfox High Speed Guard Platform

Come break things (in a good way). Then build them smarter.

We're the tech company everyone calls when things get weird. We don’t wear capes (they’re a safety hazard), but we do solve high-stakes problems with code, caffeine, and a healthy disregard for “how it’s always been done.”

Original Posting:

October 2, 2025

For U.S. Positions: While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.

Pay Range:

Pay Range $126,100.00 - $227,950.00

The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.