Cybersecurity Operations Analyst II (R-00170)
Role details
Job location
Tech stack
Job description
-
Lead response activities for USCYBERCOM and DCDC directives, managing the lifecycle of Situational Awareness Reports (SAR) and ensuring all assets remain compliant with OPORDs, TASKORDs, IAVM notifications, and STIG requirements by published deadlines.
-
Conduct deep-dive forensic investigations into cybersecurity events (data loss, unauthorized access, network exploits) to determine nature and scope; identify corrective actions for containment, eradication, and recovery.
-
Perform thorough post-incident reviews to derive lessons learned, identify security gaps, and implement preventive measures to strengthen the program's long-term defense posture.
-
Provide expert guidance on cybersecurity directives and risk management policies; review POA&Ms for technical clarity and sound judgment to ensure acceptable remediation timeframes for security controls.
-
Oversee enterprise-wide monitoring and logging across network infrastructure and endpoints to ensure the rapid detection and response to cyber incidents.
-
Maintain and evolve IR SOPs in strict accordance with CJCSM 6510.01B, NIST SP 800-61R2, and DOW regulations to ensure procedural alignment with industry best practices.
-
Translate technical findings into regular status reports for program leadership, DOW officials, and USCYBERCOM /DCDC repositories, detailing incident impact, effectiveness of response strategies, and lessons learned.
-
Drive the evolution of incident response capabilities by identifying weaknesses, recommending advanced technologies, and implementing enhanced processes to stay ahead of evolving cyber threats.
-
Support DOW CIO data collection by reviewing PPSM, CAP, SNAP, and GIAP requests against DISA guidelines; cross-train team members on emerging defense techniques and provide after- hours investigative support for critical incidents.
Requirements
Do you have experience in NIST standards?, Do you have a Bachelor's degree?, * Bachelor's degree in computer science or related field
- U.S. Citizenship and an active Secret Clearance (required) with the ability to obtain and maintain a Top-Secret Clearance.
- Active DoD 8570 IAT Level II certification or greater, including at least one of the following certifications in good standing: CCNA Security, CySA+, GICSP, GSEC, Security+ CE, CND, SSCP, CASP+CE, CCNP Security, CISSP (or Associate), GCED, GCIH, or CCSP.
- Active DoD 8570 CSSP Incident Responder certification a plus, including at least one of the following certifications in good standing: CEH, CFR, CCNA Cyber Ops, CHFI, CySA+, GCFA, GCIH, SCYBER, or PenTest+
- Knowledge of Incident Response Handling Procedures (NIST SP 800-61)
- Familiarity with cyber adversary tactics and frameworks (such as ATT&CK and D3FEND)
- Knowledge of one or more of the following cybersecurity tools:
o Trellix/ESS o Tanium o Microsoft Defender Endpoint o BeyondTrust o Splunk
- Great communication skills and attention to detail., * 8+ years in Information Technology or Information Security with 5+ years performing Cybersecurity Operations and Incident Response
Benefits & conditions
Pulled from the full job description
- Parental leave
- Health insurance
- 401(k) matching
- Paid time off
- Cell phone reimbursement
- Internet reimbursement
- Paid holidays, * Required to work onsite daily at our DoD customer office location in Alexandria, VA or Seaside, California.
We're actively searching for talented and expereinced professionals who are ready to experience the True Zero difference. As a True Zero team member, you'll enjoy:
-
Competitive salary, paid twice per month
-
Best in class medical coverage
-
100% of medical premiums covered by True Zero
-
Company wide new business incentive programs
-
Contribution Incentives (i.e. white papers, blog posts, internal webinars, etc.)
-
3 weeks of PTO starting + 11 Paid Holidays Annually
-
401k Program with 100% company match on the first 4%
-
Monthly reimbursement of Cell Phone and Home Internet costs
-
Paternity/Maternity Leave
-
Investment in training and certifications to broaden and deepen your technical skills