Cyber Ops Specialist

About The Position

Requirements

• Bachelors degree in cybersecurity, computer science, information systems, engineering, or a related field; an additional 4 years of relevant experience may substitute for a degree.
• 5+ years of hands-on cyber defense, SOC, incident response, or threat hunting experience in enterprise or mission environments.
• Experience analyzing security telemetry and conducting event triage, IOC development, and incident documentation.
• Experience supporting integration and testing of defensive cyber capabilities (e.g., sensors, logging, or analytics pipelines).
• U.S. Citizenship.
• Active TS/SCI with Polygraph security clearance.
• Understanding of cybersecurity principles and threat analysis methodologies; ability to correlate data from multiple sources.
• Strong analytical and problem-solving skills; ability to work independently and within multidisciplinary teams.
• Excellent written and verbal communication skills; ability to produce clear technical documentation and brief diverse audiences.

Nice To Haves

• Masters degree in a relevant technical field.
• 810+ years of cyber operations or incident response experience supporting mission-focused environments.
• Experience with feasibility reviews, trade studies, vulnerability assessments, or architecture evaluations.
• Exposure to field operations, deployed systems, or operational test environments.
• Experience developing or refining incident response playbooks, CONOPs, and SOPs.
• Experience identifying single points of failure and recommending mitigations across networked systems.
• Familiarity with forensics triage, malware analysis coordination, or red/blue team operations.
• Proficiency with common defensive tools and data types (e.g., SIEM, endpoint telemetry, network sensors, system/event logs).

Responsibilities

• Continuously monitor network, host, and cloud telemetry (e.g., logs, flows, alerts) to detect anomalies and potential security incidents.
• Identify, triage, and escalate events; distinguish true positives from benign activity; coordinate with incident responders and stakeholders.
• Conduct analysis to isolate indicators of compromise (IOCs), tactics/techniques/procedures (TTPs), and likely avenues of attack; document findings and recommended actions.
• Perform threat hunting using security-relevant data to uncover trends, patterns, and correlations indicative of adversary activity.
• Support vulnerability assessments and identify single points of failure; recommend mitigations to improve resilience and defense-in-depth.
• Assist with requirements development and the integration, testing, verification, and validation of cyber monitoring and defensive capabilities in lab and operational environments.
• Review technical reports/white papers and feasibility studies for operational relevance and technical soundness; contribute to CONOPs, SOPs, and playbooks.
• Prepare clear, concise briefings and reports that articulate an events history, status, and operational impact in accordance with the incident response plan.
• Collaborate with Systems Engineers, System Integrators, mission engineering teams, and Government stakeholders to align detection and response with mission priorities.