Cimarron
Cyber Threat Emulation Analyst (Mid-Level)
Cimarron, Colorado Springs, Colorado, United States, 80509
Cyber Threat Emulation Analyst (Mid-Level)
Cimarron is seeking a mid-level Information Systems Security Officer (ISSO) to support the Missile Defense Agency (MDA) on the Integrated Research and Development for Enterprise Solutions (IRES) contract at either the Redstone Arsenal in Huntsville, AL or at Schriever Space Force Base in Colorado Springs, CO. Key Duties: Perform Defensive Cyber Operations (DCO) and Cyber Security Service Provider (CSSP) tasks in alignment with Evaluator Scoring Metrics (ESM). Conduct proactive and reactive cybersecurity operations on customer networks to strengthen enterprise security. Analyze threat intelligence and vulnerability data to assess risks and enhance network defense. Develop, review, and maintain DCO procedures, processes, and supporting documentation. Evaluate the effectiveness of defense-in-depth architecture against known vulnerabilities. Produce vulnerability assessment reports and escalate findings as needed. Support enterprise-wide Incident Response in accordance with DoD regulations and guidance. Lead cyber event and incident investigations, including data collection, analysis, and reporting. Contribute to Exploitation Analyst training by instructing, evaluating, and mentoring analysts of all levels. Review and implement tasking and fragmentary orders issued by Higher Headquarters (HHQ). Conduct Cyber Threat Emulation (CTE) activities using Automated Security Validation tools per HHQ directives. Execute adversary-based CTE engagements to evaluate detection, alerting, and network response. Develop custom dashboards and reports detailing engagement outcomes, vulnerabilities, and remediation recommendations. Draft and submit Cyber Tasking Orders (CTOs) to address issues identified during CTE actions. Partner with the Cyberspace Domain Awareness (CDA) team to create evaluation criteria aligned with HHQ inspections and industry standards. Required Skills, Experience, and Education: Due to facility security requirements, only U.S. citizens are eligible for consideration at the time. This position requires access to federal facilities. Candidates must possess a valid, unexpired Real ID-compliant driver's license or state-issued identification card at the time of hire. If you are unsure whether your ID is Real ID-compliant, please check for the star symbol in the upper portion of your driver's license or state ID. Active Secret Clearance (or higher). 6 or more years of full-time work experience. 4 or more years of experience with:
Manual or automated penetration test in an enterprise environment. Vulnerability assessment, cybersecurity frameworks, or conducting risk assessments. The full life cycle of incident response and enterprise-level monitoring.
Current DoD 8570.01-M IAT Level II certification with Continuing Education (e.g., CySA+, GICSP, GSEC, Security+ CE, SSCP) Ability to obtain a PenTest+ Certification within 6 months of the start date. Desired Skills, Experience, and Education: Current PenTest+ Certification. Active Top Secret Clearance. Experience with Cyber Threat Emulation tools, policies, and procedures. Experience operating custom software in a Linux environment. Experience with security analysis and solutions in WAN/LAN environments, including routers, switches, network devices, and operating systems such as Windows and Linux. Experience using Security Operations Center (SOC) or Defensive Cyber Operations (DCO) tools such as firewalls, IDS/IPS, Network Security Manager, Bluecoat, and Barracuda. Experience performing security compliance scans across wide area networks (ACAS/Nessus preferred). Background in configuration, troubleshooting, and deployment of host-based security solutions (ESS preferred). Ability to mentor and train personnel in a dynamic, fast-paced environment. Familiarity with DoD Security Operations Centers (SOC), also known as Cybersecurity Service Providers (CSSPs). Familiarity with DCO/CSSP-related security policies and procedures. Bachelor's degree (or higher) in Cybersecurity, Computer Science, or a related field. Business Profile: Cimarron is a global solutions company with a strategic partnering approach to satisfying customer-driven requirements. We ensure customer success with a modern approach and experienced leadership. Driven by an entrepreneurial spirit, Cimarron is fueled by highly skilled employees, developing new innovative technologies, and delivering superior products and services. We believe in recognizing employees' worth by offering competitive salaries and benefits, including health, dental, and vision insurance, 401(k) contributions, educational reimbursement, and much more. From company communication through Company-wide information meetings led by our President and CEO, to an Awards program designed to recognize our amazing employees and their accomplishments, you will not only feel like you are a part of a team, you will be a valued member of the Cimarron family. Cimarron is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, age, sex, sexual orientation, gender identity, religion, national origin, disability, veteran status, or any other characteristic protected by federal, state, or local law.
Cimarron is seeking a mid-level Information Systems Security Officer (ISSO) to support the Missile Defense Agency (MDA) on the Integrated Research and Development for Enterprise Solutions (IRES) contract at either the Redstone Arsenal in Huntsville, AL or at Schriever Space Force Base in Colorado Springs, CO. Key Duties: Perform Defensive Cyber Operations (DCO) and Cyber Security Service Provider (CSSP) tasks in alignment with Evaluator Scoring Metrics (ESM). Conduct proactive and reactive cybersecurity operations on customer networks to strengthen enterprise security. Analyze threat intelligence and vulnerability data to assess risks and enhance network defense. Develop, review, and maintain DCO procedures, processes, and supporting documentation. Evaluate the effectiveness of defense-in-depth architecture against known vulnerabilities. Produce vulnerability assessment reports and escalate findings as needed. Support enterprise-wide Incident Response in accordance with DoD regulations and guidance. Lead cyber event and incident investigations, including data collection, analysis, and reporting. Contribute to Exploitation Analyst training by instructing, evaluating, and mentoring analysts of all levels. Review and implement tasking and fragmentary orders issued by Higher Headquarters (HHQ). Conduct Cyber Threat Emulation (CTE) activities using Automated Security Validation tools per HHQ directives. Execute adversary-based CTE engagements to evaluate detection, alerting, and network response. Develop custom dashboards and reports detailing engagement outcomes, vulnerabilities, and remediation recommendations. Draft and submit Cyber Tasking Orders (CTOs) to address issues identified during CTE actions. Partner with the Cyberspace Domain Awareness (CDA) team to create evaluation criteria aligned with HHQ inspections and industry standards. Required Skills, Experience, and Education: Due to facility security requirements, only U.S. citizens are eligible for consideration at the time. This position requires access to federal facilities. Candidates must possess a valid, unexpired Real ID-compliant driver's license or state-issued identification card at the time of hire. If you are unsure whether your ID is Real ID-compliant, please check for the star symbol in the upper portion of your driver's license or state ID. Active Secret Clearance (or higher). 6 or more years of full-time work experience. 4 or more years of experience with:
Manual or automated penetration test in an enterprise environment. Vulnerability assessment, cybersecurity frameworks, or conducting risk assessments. The full life cycle of incident response and enterprise-level monitoring.
Current DoD 8570.01-M IAT Level II certification with Continuing Education (e.g., CySA+, GICSP, GSEC, Security+ CE, SSCP) Ability to obtain a PenTest+ Certification within 6 months of the start date. Desired Skills, Experience, and Education: Current PenTest+ Certification. Active Top Secret Clearance. Experience with Cyber Threat Emulation tools, policies, and procedures. Experience operating custom software in a Linux environment. Experience with security analysis and solutions in WAN/LAN environments, including routers, switches, network devices, and operating systems such as Windows and Linux. Experience using Security Operations Center (SOC) or Defensive Cyber Operations (DCO) tools such as firewalls, IDS/IPS, Network Security Manager, Bluecoat, and Barracuda. Experience performing security compliance scans across wide area networks (ACAS/Nessus preferred). Background in configuration, troubleshooting, and deployment of host-based security solutions (ESS preferred). Ability to mentor and train personnel in a dynamic, fast-paced environment. Familiarity with DoD Security Operations Centers (SOC), also known as Cybersecurity Service Providers (CSSPs). Familiarity with DCO/CSSP-related security policies and procedures. Bachelor's degree (or higher) in Cybersecurity, Computer Science, or a related field. Business Profile: Cimarron is a global solutions company with a strategic partnering approach to satisfying customer-driven requirements. We ensure customer success with a modern approach and experienced leadership. Driven by an entrepreneurial spirit, Cimarron is fueled by highly skilled employees, developing new innovative technologies, and delivering superior products and services. We believe in recognizing employees' worth by offering competitive salaries and benefits, including health, dental, and vision insurance, 401(k) contributions, educational reimbursement, and much more. From company communication through Company-wide information meetings led by our President and CEO, to an Awards program designed to recognize our amazing employees and their accomplishments, you will not only feel like you are a part of a team, you will be a valued member of the Cimarron family. Cimarron is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, age, sex, sexual orientation, gender identity, religion, national origin, disability, veteran status, or any other characteristic protected by federal, state, or local law.