Cybersecurity Operations Analyst

About The Position

Requirements

• Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or related field (or equivalent experience)
• 8+ years of experience in cybersecurity operations, incident response, or related roles
• Experience with endpoint protection platforms (e.g., CrowdStrike Falcon, Microsoft Defender, or similar)
• Understanding of cloud security concepts (e.g., AWS security services, Wiz, or similar tools)
• Familiarity with SIEM tools, log analysis, and security event monitoring
• Working knowledge of NIST 800-171, CMMC, or similar cybersecurity frameworks
• DoD 8570 IAT Level II certification (e.g., Security+, CySA+, or equivalent), or ability to obtain within a defined timeframe

Nice To Haves

• Relevant certifications such as CySA+, GCIH, or CEH
• Experience in aerospace, defense, or other regulated environments
• Exposure to scripting or automation (PowerShell, Python)
• Familiarity with threat hunting or digital forensics concepts
• Strong communication skills and ability to collaborate across teams

Responsibilities

• Monitor and analyze security alerts, investigate potential threats, and escalate issues as appropriate
• Perform troubleshooting, log analysis, and endpoint forensics using tools such as CrowdStrike Falcon, Wiz, and Tenable
• Support incident response activities, including documentation, communication, and coordination during security events
• Deploy, configure, and maintain endpoint security solutions, including EDR platforms
• Monitor endpoint compliance and investigate agent health or coverage issues
• Utilize security tools to support investigations and response efforts
• Review firewall logs to identify anomalies or potential security concerns
• Support firewall rule updates, including documentation and security review
• Conduct periodic firewall policy reviews to ensure alignment with least-privilege principles
• Collaborate with network engineering on firewall-related issues and updates
• Maintain documentation of firewall rules, changes, and baselines
• Participate in post-incident reviews and document lessons learned to improve processes
• Assist in maintaining and refining operational procedures and runbooks
• Contribute to compliance reporting and documentation aligned with NIST 800-171/CMMC
• Identify opportunities to improve security processes and coverage
• Participate in tabletop exercises and security drills
• Work with IT and engineering teams to support remediation of vulnerabilities and security findings
• Contribute to risk management efforts by documenting and communicating security issues
• Stay current on cybersecurity threats, vulnerabilities, and best practices