Cybersecurity Operations Specialist 720

Freedom Technology Solutions GroupSt. Louis, MO
Hybrid

About The Position

Freedom Technology Solutions Group is seeking a Cybersecurity Operations Specialist to provide CSOC Tier 2 and 3 services. This role involves 24x7x365 coordination, execution, and implementation of containment, eradication, and recovery measures for cyber events and incidents. Tier 3 services include malware and implant analysis, and forensic artifact handling and analysis. Contractors will report directly to the Government CIRT Commander during CIRT stand-ups. Responsibilities also include continuous exercises and dry runs to enhance response capabilities. Personnel must obtain DoDD 8140.01 and DoD 8570.01-M IAT Level III and CSSP Incident Responder certifications within six months of hire.

Requirements

  • Bachelors Degree and/or 6 years experience in Cyber Security (CSOS)
  • Active TS/SCI, ability to obtain a polygraph
  • DoDD 8140.01 and DoD 8570.01-M IAT Level II and CSSP Incident Responder certification.
  • Provide input to and coordinate with all applicable stakeholders to develop and deliver the daily CSOC Significant Activity Report, the daily CSOC Operations Update, and the Weekly CSOC Status Report.
  • Serve as C-IRT members as required and serve under the direct control of, and take direction from, the Government C-IRT Commander.
  • Develop and coordinate courses of action with various Government and contract stakeholders, and when properly authorized by the Government, execute Defensive Cyberspace Operations-Internal Defensive Measures on behalf of the NGA on NGA networks and systems.
  • Perform digital media analysis and malware reverse engineering on host, server, and network data as required to analyze and respond to an incident, including volatile and non-volatile memory and/or system artifact collection and analysis.
  • When properly authorized by the Government, execute custom scripts, tools, and capabilities to collect and analyze data, and to respond to incidents/events.
  • Develop, document, and provide to the Government incident investigation reports which include sufficient information to document the entire lifecycle of the incident and the response, including adversary and friendly forces activity, host and network analysis, timelines, and recommendations for corrective actions, recommendations for new Tactics, Techniques, and Procedures (TTP) and other recommendations as appropriate, within 30 days of C-IRT stand-down.
  • Conduct Quality Control reviews of a percentage of closed CSOC Tier 2 tickets each week to ensure proper analysis, categorization, documentation, and notification.

Nice To Haves

  • Masters degree
  • IAT III certification

Responsibilities

  • Coordinate and implement tasks, perform analysis, and build/document response activities during cybersecurity incident response, including containment measures, IP blocks, domain blocks, and disabling user accounts as directed by the Government.
  • Coordinate with the Security and Installations Directorate (SI) Office of Counterintelligence (SIC), Insider Threat Office (SIII), and other law enforcement/counterintelligence personnel for advanced investigation and triage of incidents.
  • Collaborate with appropriate authorities to produce security incident reports.
  • Categorize incidents and events.
  • Coordinate with other contracts, organizations, activities, and services to ensure proper reporting, containment, and eradication of incidents.
  • Coordinate with other contracts, organizations, activities, and services to de-conflict blue/red team activity with open incidents/events.
  • Coordinate with other contracts, organizations, activities, and services to ensure NGA recovers from an incident/event.
  • Build timelines, documents, and briefings to inform stakeholders about incident response actions, analysis, and the impact of adversary and blue force actions.
  • Document actions taken and analysis in the authorized ticketing system with sufficient detail for reconstruction.
  • Develop and, upon Government approval, generate and update reports in the Joint Incident Management System (JIMS), Incident Case Management System (ICMS), and/or other authorized reporting systems.
  • Develop, maintain, sustain, and, when authorized by the Government, execute custom scripts, tools, and capabilities for data collection, analysis, and incident response.
  • Perform digital media analysis on host, server, and network data, including volatile and non-volatile memory and system artifact collection and analysis, as required for incident analysis and response.
  • Develop and identify indicators of compromise for Cybersecurity stakeholders and other Contract Services.
  • Provide adversary attribution.
  • Perform malware analysis and signature development.
  • Coordinate with CSOC Tier 1 and 2 services to remediate discrepancies and provide recommendations to prevent reoccurrence.

Benefits

  • Flexible work environment
  • Team mentality
  • Work with innovative, cutting edge technologies
  • Extremely competitive compensation and benefits
  • Work-life balance
  • Opportunities to grow and advance your career
  • Matching 401k
  • Fully paid medical
  • Generous paid time off
  • Paid site closure days
  • Competitive salary offerings
  • Paid training
  • Tuition reimbursement
  • Referral bonuses
  • Fully paid life and disability
  • Annual logo wear allowance
  • Company sponsored events (game nights, holiday party, summer party, happy hours)
© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service