Cyber Defense Analyst (Mid-Level)

About The Position

Requirements

• Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or related field (or equivalent work experience).
• 3-5 years of experience in cybersecurity operations, with a focus on incident detection, response, or analysis.
• Experience with log analysis tools (e.g., Splunk, ELK, QRadar), SIEM platforms, and forensic tools.
• Familiarity with IDS/IPS, firewall technologies, and network protocols.
• Solid understanding of cybersecurity frameworks (e.g., NIST 800-61, MITRE ATT&CK).
• Strong analytical and troubleshooting skills.
• Excellent verbal and written communication skills.

Nice To Haves

• Experience supporting federal government cybersecurity programs.
• Familiarity with threat hunting, endpoint detection and response (EDR) tools, and malware analysis.
• Experience documenting and reporting to internal leadership or external regulatory bodies.

Responsibilities

• Coordinate and execute incident response functions across enterprise systems.
• Provide expert technical support to cyber defense technicians to analyze, resolve, and document incidents.
• Perform log analysis from a wide range of sources including host, firewall, IDS, and network traffic logs to detect potential threats.
• Conduct cyber incident triage, determine scope and urgency, identify vulnerabilities, and recommend immediate remediation.
• Execute real-time incident handling activities such as forensic collection, intrusion correlation and tracking, and threat analysis.
• Support deployable Incident Response Teams (IRTs) with technical tasks during active investigations.
• Perform initial forensic image collection and inspection to support mitigation and remediation efforts.
• Conduct cyber defense trend analysis and reporting to identify recurring patterns and emerging threats.
• Receive, review, and analyze network alerts from internal monitoring tools and threat intelligence sources.
• Track and document incidents from initial detection through final resolution, ensuring completeness and accuracy of case records.
• Apply defense-in-depth principles and best practices, including layered security and redundancy.
• Collect and analyze intrusion artifacts (e.g., malware, trojans, source code) to enhance incident mitigation strategies.
• Collaborate with intelligence analysts to correlate cyber threat data and improve situational awareness.
• Monitor external threat intelligence feeds (e.g., vendor advisories, CERT alerts, vulnerability databases) to stay informed of current threats and assess enterprise impact.

Benefits

• Commitment to diversity and equal opportunity employment.
• Participation in E-Verify.