Information Security Analyst

Clearance Required: Active Top Secret (TS); TS/SCI Preferred

Position Type: Full-Time

Travel: Minimal (as required)

Shift: Rotational

We are seeking a highly motivated Information Security Analyst (Cyber Defense Specialist) to join our dynamic cybersecurity operations team within a secure Department of Defense (DoD) environment. The ideal candidate will possess a deep understanding of cyber threats, advanced network defense strategies, and DoD cybersecurity practices. Candidates will be responsible for detecting, analyzing, and responding to cybersecurity incidents to protect critical government networks and systems. Additionally responsible for planning, implementation, upgrading, or monitoring security measures for the protection of computer networks and information. May ensure appropriate security controls are in place that will safeguard digital files and vital electronic infrastructure. May respond to computer security breaches and viruses.

Key Responsibilities:

• Monitor, detect, and respond to cybersecurity incidents using network security tools (e.g., SIEM, IDS/IPS, packet analyzers).
• Perform real-time analysis of security alerts and events to assess impact and urgency.
• Conduct forensic analysis of network traffic and endpoint systems following suspected incidents.
• Develop and implement strategies to defend against cyber threats, malware, and intrusion attempts.
• Assist in the creation and refinement of Standard Operating Procedures (SOPs) and incident response playbooks.
• Collaborate with other cybersecurity teams, analysts, and system administrators across the DoD enterprise.
• Document findings, prepare incident reports, and provide recommendations for mitigation or improvements.
• Support vulnerability assessments and compliance audits under DoD cybersecurity frameworks (e.g., RMF, NIST 800-53, STIGs).
• Stay current with emerging cyber threats, vulnerabilities, and defense technologies.

Additional Responsibilities:

• Monitoring. The candidate may:

1. Configure Government-furnished monitoring tools to provide situational awareness views of Government directed networks and maintain these views once configured.
2. Utilize Government-provided monitoring tools to identify potential incidents or degradations of services, applications, or networks.
3. Maintain situational awareness of services, networks, applications, and associated devices.
4. Perform proactive monitoring of applications for status, performance, and health.
5. Monitor and evaluate configurations and performance of services.

• Responding. The candidate may:

1. Implement and respond to network and security access policies.
2. Evaluate and respond to incident events.
3. Respond to outages or events, provide reports on incidents, coordinate changes, apply security patches, coordinate network minimization, and perform any other relevant actions.
4. Respond to incident management system requests for technical support.
5. Respond to service or application outages and implement recovery procedures to isolate specific root causes.
6. Provide impact reports on user activity for outages.
7. Troubleshoot and resolve incidents, as directed by the Government.
8. Escalate incidents, as directed by the Government.
9. Coordinate corrective actions to restore and repair services internally and externally.
10. Execute approved changes, responses, and corrective actions where the Government has change authority.
11. Exercise COOP capability in coordination with the Government, as needed.

• Analyzing. The candidate may:

1. Create impact assessments by correlating operational events with the status of systems.
2. Analyze the configurations of services and applications in order to correct Enterprise anomalies.
3. Perform a basic analysis of performance and cybersecurity event trends and identify problems related to associated network devices, connectivity, services, and applications.
4. Perform trend analysis and report anomalies.

• Reporting. The candidate may:

1. Create incident tickets per event.
2. Initiate, update, track, manage, and resolve incident tickets.

Basic Qualifications:

• Active Top Secret clearance (SCI eligibility preferred).
• 3–5 years of experience in cybersecurity, network defense, or a related field.
• Demonstrated experience with security monitoring tools such as Splunk, ArcSight, Wireshark, or Snort.
• Understanding of network protocols, firewall architectures, intrusion detection/prevention systems (IDS/IPS), and endpoint protection tools.
• Familiarity with DoD cybersecurity policies, procedures, and Risk Management Framework (RMF).
• Strong analytical and problem-solving skills; ability to work independently or as part of a team.

Preferred Qualifications:

• Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or related field (or equivalent experience).
• Security-related certifications such as CompTIA Security+, CEH, GCIH, GCIA, CISSP, or CySA+.
• Experience with SIEM tools and security automation platforms.
• Familiarity with scripting or automation languages (e.g., Python, PowerShell) is a plus.

Additional Requirements:

• Must be a U.S. Citizen.
• Must be willing and able to work in a secure, classified environment.
• Must pass a comprehensive background check.

Join us in defending national security through innovation and vigilance. Apply today to be part of a mission-critical cybersecurity team at the forefront of national defense.