Cyber Defense Analyst - Swing Shift

ASRC FederalQuantico, VA
Onsite

About The Position

ASRC Federal is seeking a highly skilled and experienced Cyber Defense Analyst (Threat Hunter) to join our dynamic team on the swing shift (1400 – 0000), providing extended-hours coverage that includes weekend and holiday rotations (Four 10-hour shifts per work week). This is a fully on-site position at Quantico Marine Corps Base, VA — no telework is available for this role. The successful candidate will perform robust network security monitoring and proactively identify potential threats across our enterprise infrastructure. This role is critical for defending mission systems, conducting in-depth traffic and vulnerability analysis, and maintaining a strong security posture in support of Department of War (DoW) missions. The Cyber Defense Analyst (Threat Hunter) is a vital role responsible for performing comprehensive network security monitoring and proactive threat hunting during swing-shift, weekend, and holiday coverage windows. This position focuses on safeguarding the network through continuous traffic analysis, vulnerability and wireless scanning, and leveraging enterprise tools such as SIEM, SOAR, CrowdStrike, CyberArk, and Endpoint Security Suite (ESS). The Analyst will collaborate with cross-functional IT and security teams to: * Implement Information Assurance Vulnerability Management (IAVM) programs * Manage Network Access Control * Provide insider threat support * Monitor data at rest * Review web content filtering * Maintain and upkeep various cybersecurity applications and tools on servers and workstations to ensure high operational readiness during all covered hours

Requirements

  • At least five (5) Years – Hands-on technical cybersecurity experience and knowledge of Computer Network Defense concepts, DISA Security Technical Information Implementation Guides, DoD A&A Process, NIST SP 800-53, NIST SP 800-61, CJCSM 6510.01 B, United States Cyber Command guidelines, and other applicable DoD Cyber Security and Computer Network Defense policies.
  • Active Top-Secret Clearance REQUIRED, eligible to be upgraded to TS/SCI.
  • Bachelor’s degree in information technology, Information Systems Management, Cyber Security, or equivalent experience.
  • Must meet 8570 certification requirements at the time of hire.
  • Experience analyzing log files from network traffic logs, firewall logs, IDS logs, DNS logs and ESS to identify possible security threats (e.g., determine rogue systems, infected systems, unauthorized system changes, and unauthorized hardware connections).
  • Ability to identify violations of internet access by reviewing web content filtering logs in accordance with DoD policy, and Standard Operating Procedures (SOPs).
  • Experience in processing and handling JFHQ DODIN Cyber related tasks to completion.
  • Performance of threat hunting activities using DoD approved cyber tools through data hunting, manipulation, and presentation, including generating queries and reports for management and the end-customer.
  • Validation and confirmation of critical security events and assessing the impact of the event, by incorporating data from multiple tool sources.
  • Identifying evidence of illegal activity involving cybercrime offenses and examining computers that may have been involved in other types of crime or malware infection.
  • Use of forensic tools and investigative methods to find specific electronic data, namely associated with performing complex malware analysis.
  • Experience developing and maintaining SOPs for security monitoring.
  • Provide daily/weekly/monthly reports to senior leadership on key indicators of network security.

Nice To Haves

  • IAT Level II (e.g., CCNA Security, CySA +, GICSP, GSEC, Security+, SSSP or a CSSP Auditor Certification CEH, CISA, GSNA is preferred).

Responsibilities

  • Perform robust network security monitoring and proactively identify potential threats across our enterprise infrastructure.
  • Defend mission systems.
  • Conduct in-depth traffic and vulnerability analysis.
  • Maintain a strong security posture in support of Department of War (DoW) missions.
  • Perform comprehensive network security monitoring and proactive threat hunting during swing-shift, weekend, and holiday coverage windows.
  • Safeguard the network through continuous traffic analysis, vulnerability and wireless scanning, and leveraging enterprise tools such as SIEM, SOAR, CrowdStrike, CyberArk, and Endpoint Security Suite (ESS).
  • Collaborate with cross-functional IT and security teams.
  • Implement Information Assurance Vulnerability Management (IAVM) programs.
  • Manage Network Access Control.
  • Provide insider threat support.
  • Monitor data at rest.
  • Review web content filtering.
  • Maintain and upkeep various cybersecurity applications and tools on servers and workstations to ensure high operational readiness during all covered hours.
  • Analyze log files from network traffic logs, firewall logs, IDS logs, DNS logs and ESS to identify possible security threats (e.g., determine rogue systems, infected systems, unauthorized system changes, and unauthorized hardware connections).
  • Identify violations of internet access by reviewing web content filtering logs in accordance with DoD policy, and Standard Operating Procedures (SOPs).
  • Process and handle JFHQ DODIN Cyber related tasks to completion.
  • Perform threat hunting activities using DoD approved cyber tools through data hunting, manipulation, and presentation, including generating queries and reports for management and the end-customer.
  • Validate and confirm critical security events and assess the impact of the event, by incorporating data from multiple tool sources.
  • Identify evidence of illegal activity involving cybercrime offenses and examine computers that may have been involved in other types of crime or malware infection.
  • Use forensic tools and investigative methods to find specific electronic data, namely associated with performing complex malware analysis.
  • Develop and maintain SOPs for security monitoring.
  • Provide daily/weekly/monthly reports to senior leadership on key indicators of network security.
  • Communicate complex technical ideas to a diverse customer base, both verbally and in written form.
© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service