Cyber Defense Analyst

Veilant
Tysons, VA
Remote

About The Position

Veilant is looking for a Cyber Defense Analyst to join our Information Security team and help defend our enterprise environment against active and emerging cyber threats. In this role, you will monitor network and endpoint activity, investigate security alerts, tune detections, and help surface anomalous behavior across our SIEM and EDR stack, including Microsoft Defender for Endpoint, Elastic, and Splunk. This role is ideal for someone with a strong technical foundation, curiosity about how systems behave, and hands-on interest in alert triage, detection engineering, threat hunting, and incident response.

Requirements

  • Four-year degree in Computer Science, Cybersecurity, Computer Engineering, or a related field, or equivalent hands-on experience in cybersecurity, networking, systems administration, systems engineering, military cyber operations, information warfare, communications, intelligence, or secure enterprise operations.
  • At least two years of experience in cybersecurity, networking, systems administration, systems engineering, cyber operations, or a related technical role.
  • Working knowledge of Windows Workstation and Windows Server operating systems.
  • Knowledge of network protocols, traffic patterns, and common attack behaviors.
  • Experience with one or more of the following: EDR platforms, SIEM platforms, vulnerability management tools, threat intelligence sources, log analysis, alert triage, or incident investigation workflows.
  • Ability to investigate alerts, correlate evidence across data sources, and escalate findings clearly.
  • Ability to write, modify, or tune detections using KQL, ES|QL, SQL, SPL, or similar query languages.
  • Familiarity with using AI tools to support investigations, analysis, documentation, or workflow efficiency.
  • Strong problem-solving, communication, and documentation skills.
  • Must be eligible to obtain a U.S. Government Security Clearance.

Responsibilities

  • Monitor endpoint and network activity using Microsoft Defender for Endpoint, Elastic, Splunk, and related security tools.
  • Triage and investigate alerts, distinguishing benign activity from suspicious or malicious behavior.
  • Develop, tune, and maintain detections using KQL, ES|QL, SQL, SPL, or similar query languages.
  • Translate threat intelligence, IOCs, TTPs, and emerging threat reporting into actionable detections, dashboards, queries, and hunts.
  • Conduct targeted threat hunts using frameworks such as MITRE ATT&CK.
  • Document incidents, including timelines, indicators, scope, findings, remediation steps, and lessons learned.
  • Build dashboards and visualizations that improve visibility into enterprise activity and anomalies.
  • Contribute to playbooks that improve the team’s speed, consistency, and effectiveness during investigations.
  • Collaborate with security, IT, and Engineering teams to support investigations and response activities.

Benefits

  • Flexible PTO + holidays
  • Generous 401k match benefit up to 10%, with an automatic 3% safe harbor contribution and additional matching based on employee contributions.
  • Medical (HSA & PPO Plans Available), dental, vision, disability, and life insurance
  • Employer Contribution to Health Savings Account (HSA)
  • Learning & Development opportunities
  • Professional coaching services
  • Get the technology you want to do your job
  • Free daily snacks & drinks
© 2026 Teal Labs, Inc