Cybersecurity Operations Specialist 720

Freedom Technology Solutions GroupSaint Louis, MO
Onsite

About The Position

Freedom Technology Solutions Group is seeking a Cybersecurity Operations Specialist to provide CSOC Tier 2 and 3 services. This role involves 24x7x365 coordination, execution, and implementation of containment, eradication, and recovery measures for cyber events and incidents. Tier 3 services include malware and implant analysis, and forensic artifact handling and analysis. Contractors will report directly to the Government CIRT Commander when a CIRT is activated. During non-incident periods, the contractor will conduct continuous exercises and dry runs to enhance response capabilities. Personnel performing CSOC Tier 3 services must obtain IAT Level III and CSSP Incident Responder certifications compliant with DoDD 8140.01 and DoD 8570.01-M within six months of their start date.

Requirements

  • Bachelors Degree and/or 6 years’ experience in Cyber Security (CSOS)
  • Active TS/SCI
  • Ability to obtain a polygraph
  • DoDD 8140.01 and DoD 8570.01-M IAT Level II and CSSP Incident Responder certification

Nice To Haves

  • Masters degree
  • IAT III certification

Responsibilities

  • Coordinate and implement tasks, perform analysis, and build/document response activities during cybersecurity incident response, including implementing containment measures, IP blocks, domain blocks, and disabling user accounts as directed by the Government.
  • Coordinate with the Security and Installations Directorate (SI) Office of Counterintelligence (SIC), Insider Threat Office (SIII), and other law enforcement and counterintelligence personnel for advanced investigation and triage of incidents.
  • Collaborate with appropriate authorities in the production of security incident reports.
  • Categorize incidents and events.
  • Coordinate with other contracts, organizations, activities, and services to ensure incidents are properly reported, contained, and eradicated.
  • Coordinate with other contracts, organizations, activities, and services to de-conflict blue/red team activity with open incidents/events.
  • Coordinate with other contracts, organizations, activities, and services to ensure NGA recovers from an incident/event.
  • Build timelines, documents, and briefings to inform stakeholders of incident response actions, analysis, and the impact of adversary and blue force actions.
  • Document actions taken and analysis in the authorized ticketing system with sufficient detail for reconstruction.
  • Develop and, upon Government approval, generate and update reports in the Joint Incident Management System (JIMS), Incident Case Management System (ICMS), and/or other authorized reporting systems.
  • Develop, maintain, sustain, and, when authorized by the Government, execute custom scripts, tools, and capabilities for data collection, analysis, and incident response.
  • Perform digital media analysis on host, server, and network data, including volatile and non-volatile memory and system artifact collection and analysis, for incident analysis and response.
  • Develop and identify indicators of compromise for Cybersecurity stakeholders and other Contract Services.
  • Provide adversary attribution.
  • Perform malware analysis and signature development.
  • Coordinate with CSOC Tier 1 and 2 services to remediate discrepancies and provide recommendations to prevent reoccurrence.
  • Provide input to and coordinate with all applicable stakeholders to develop and deliver the daily CSOC Significant Activity Report, the daily CSOC Operations Update, and the Weekly CSOC Status Report.
  • Serve as C-IRT members as required and take direction from the Government C-IRT Commander.
  • Develop and coordinate courses of action with various Government and contract stakeholders, and when authorized by the Government, execute Defensive Cyberspace Operations-Internal Defensive Measures on behalf of the NGA on NGA networks and systems.
  • Perform digital media analysis and malware reverse engineering on host, server, and network data, including volatile and non-volatile memory and system artifact collection and analysis, for incident analysis and response.
  • When authorized by the Government, execute custom scripts, tools, and capabilities to collect and analyze data, and to respond to incidents/events.
  • Develop, document, and provide to the Government incident investigation reports including adversary and friendly forces activity, host and network analysis, timelines, and recommendations for corrective actions, new TTPs, and other recommendations within 30 days of C-IRT stand-down.
  • Conduct Quality Control reviews of a percentage of closed CSOC Tier 2 tickets weekly to ensure proper analysis, categorization, documentation, and notification.

Benefits

  • Flexible work environment
  • Team mentality
  • Work with innovative, cutting edge technologies
  • Extremely competitive compensation and benefits
  • Work-life balance
  • Opportunities to grow and advance your career
  • Matching 401k
  • Fully paid medical
  • Generous paid time off
  • Paid site closure days
  • Competitive salary offerings
  • Paid training
  • Tuition reimbursement
  • Referral bonuses
  • Fully paid life and disability
  • Annual logo wear allowance
  • Company sponsored events (game nights, holiday party, summer party, happy hours)
© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service