We are seeking a Mid-Level Cyber Defense Analyst to support incident response and threat analysis operations for federal government systems. This position is located in Washington, DC and requires a Top Secret clearance.
Position Description:
The Cyber Defense Analyst will coordinate incident response activities and provide technical analysis of security events across the enterprise. Key responsibilities include:
- Perform incident response coordination and triage
- Analyze security logs and threat indicators
- Conduct forensic collection and analysis
- Monitor and investigate security alerts
- Coordinate with intelligence teams
- Track and document security incidents
- Implement defense-in-depth strategies
- Analyze malware and intrusion artifacts
- Monitor external threat sources
- Provide technical support to security teams
- Develop incident response documentation
- Maintain security metrics and reporting
Required Education and Experience:
- 4+ years of experience in cyber defense and incident response
- Active Top Secret clearance
- Experience with security tools and technologies
- Background in incident handling and response
Required Skills and Competencies:
- Strong knowledge of incident response procedures
- Experience with log analysis and correlation
- Proficiency in security monitoring tools
- Knowledge of forensic collection methods
- Understanding of malware analysis
- Experience with IDS/IPS systems
- Strong analytical and problem-solving skills
- Ability to perform trend analysis
- Knowledge of defense-in-depth principles
- Experience with security documentation
- Strong communication abilities
- Expertise in threat analysis
Desired Skills and Competencies:
- Bachelor's degree in related field
- Security certifications (e.g. Security+, GCIH, CEH, GCTI, GREM, GCFA)
- Experience with SIEM platforms (e.g. Splunk)
- Knowledge of threat intelligence
- Expertise in network security
- Experience with forensic tools (e.g., Forensic Tool Kit [FTK], Foremost, EnCase)
- Background in vulnerability management
- Understanding of APT tactics
- Experience with enterprise security tools (e.g. Tenable Nessus, WebInspect, Splunk, and BigFix)
- Knowledge of federal security requirements
- Programming/scripting capabilities
This position requires flexibility to support 24/7 incident response operations and may include on-call responsibilities.