Cyber Security Operations Analyst

SPAHR SOLUTIONS GROUP LLCFort Belvoir , VA
Onsite

About The Position

The Cyber Security Specialist will support the DTRA IT Cybersecurity department by providing 24/7 monitoring and response across its network environment. Collaborating with Cybersecurity Service Provider (CSSP) analysts and agency teams, the specialist will analyze threats, develop mitigations, and provide situational awareness to leadership. Responsibilities include ensuring compliance with DoD cybersecurity metrics, monitoring network defense services, conducting threat hunts using standard tools, and documenting findings through detailed technical reports. Strong research skills and the ability to work collaboratively are essential for success in this role. In support of the DTRA IT Cybersecurity (CS) department, the Cyber Security Specialist will provide the required resources and expertise to support 24x7x365 cybersecurity monitoring and response across DTRA’s distributed network operations environment. Working with the DTRA IT, Cybersecurity Service Provider (CSSP) analysts and engineers shall collaborate with various teams throughout the agency to process intelligence, determine threat, develop mitigations, monitor for attacks, and assess risk while providing cyber based Situational Awareness to agency leadership and stakeholders. The Cyber Security Specialist will monitor computer network defense services in a manner that effectively safeguards the confidentiality, integrity, and availability of DTRA-supported network environments and Information Technology infrastructure. The Cyber Security Specialist will provide the required resources and expertise to ensure compliance with DoD CSSP Evaluators Securing Metrics (ESM). In addition, the Cyber Security Specialist will provide support within the existing CSSP structure which includes four simultaneously running processes tooled to assist and defend the system subscriber. The Cybersecurity Analyst is responsible for network threat monitoring across a variety of tools. The analyst is expected to understand how to use standard threat hunting tools to craft targeted queries to detect and monitor intrusions into the network environment. Prior experience writing and submitting detailed technical reports is required in order to submit detailed reports of how the threat was identified, confirmed, contained, and any other follow-on actions. The analyst must also be proficient in conducting research on threats and adversaries across various open source and government database platforms. The ability to work effectively within a team is essential, as the analyst will be required to share and discuss information discovered during the research and monitoring process.

Requirements

  • BS 5-7 Years, MS 3-5, PhD 0-2
  • Experience with cyber security architecture principles that achieve cybersecurity framework goals.
  • Active DoD Top Secret clearance
  • Must be SCI eligible
  • IAT Level II certification
  • CSSP Analyst certification (Security+ CE or better, CEH or better)
  • Experience with open-source research

Nice To Haves

  • SANS GCIH or similar certification
  • Splunk Search App experience
  • Tanium Interact Module experience
  • Wireshark experience
  • Open-source research experience

Responsibilities

  • Provide 24x7x365 cybersecurity monitoring and response across DTRA’s distributed network operations environment.
  • Collaborate with various teams throughout the agency to process intelligence, determine threat, develop mitigations, monitor for attacks, and assess risk.
  • Provide cyber based Situational Awareness to agency leadership and stakeholders.
  • Monitor computer network defense services to safeguard the confidentiality, integrity, and availability of DTRA-supported network environments and Information Technology infrastructure.
  • Ensure compliance with DoD CSSP Evaluators Securing Metrics (ESM).
  • Provide support within the existing CSSP structure.
  • Perform network threat monitoring across a variety of tools.
  • Use standard threat hunting tools to craft targeted queries to detect and monitor intrusions into the network environment.
  • Write and submit detailed technical reports on threat identification, confirmation, containment, and follow-on actions.
  • Conduct research on threats and adversaries across various open source and government database platforms.
  • Work effectively within a team, sharing and discussing information discovered during research and monitoring.
© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service