Cyber Security Analyst

About The Position

Requirements

• Top Secret/SCI security clearance.
• Bachelor’s degree in IT Technology, Computer Science, or related field with 4+ years of experience. Degree may be substituted with additional years of experience.
• DOD 8140 (8570) IAT Level II (Security+ or equivalent).
• Strong system administration skills across Windows and Linux platforms.
• In-depth understanding of the Incident Response lifecycle.
• Proficiency in using the Elastic Stack (Elasticsearch, Logstash, Kibana).
• Familiarity with enterprise security tools and procedures.
• Strong problem-solving and analytical skills.
• Comfortable working with limited supervision in a shift-work setting.
• Availability to work weekends and holidays as part of our 24/7 operations.

Nice To Haves

• AF DCGS experience.
• Four to seven years of intelligence network communications or Systems Administration experience.
• Knowledge of security best practices and standards, including NIST, ISO, and SOC operations.
• Experience with AWS and/or other cloud security platforms.
• Background as an ISSO, including STIG/SCAP and vulnerability management.
• Familiarity with tools such as Tanium, Trellix, and ACAS.
• Understanding of network architecture and traffic analysis.
• Basic scripting skills (Python, PowerShell, Bash).
• Elastic certification or SME-level expertise.
• Effective written and verbal communication skills for documentation and collaboration.

Responsibilities

• Lead and assist in incident response investigations through all phases (detection, containment, eradication, recovery, lessons learned) to ensure the confidentiality, integrity, and availability of the OA DCGS weapon system.
• Utilize ELK/Elastic Stack to perform log analysis, threat detection, and investigations; Create and maintain security incident reports and dashboards.
• Escalate and document internal/external security incidents through appropriate ticketing and reporting processing.
• Design, implement, and maintain cybersecurity SOPs and incident playbooks.
• Maintain documentation of IR processes and case notes; Ensure security testing and evaluations are completed and properly documented.
• Support proactive threat hunting and vulnerability assessments.
• Analyze and correlate logs from varied data sources to identify patterns and anomalies.
• Understand network protocols and establish baselines to identify abnormal activity.
• Perform cyber threat analysis and reporting on information from both internal and external sources and appropriately apply gathered cyber threat intelligence to defending the enterprise network.
• Apply knowledge of Zero-Day vulnerabilities and CVEs to incident handling and remediation.
• Collaborate with cross-functional teams and external stakeholders as needed.
• Provide guidance for securing information systems and support cyber vulnerability penetration assessments.
• Operate independently during shifts and respond to security alerts with urgency.

Benefits

• Healthcare benefits.
• Wellness programs.
• Financial benefits.
• Retirement plans.
• Family support programs.
• Continuing education opportunities.
• Time off benefits.