Cyber Defense Analyst/Incident Responder (Mid-Level)

Cimarron, Huntsville

Cimarron is seeking a mid-level Cyber Defense Analyst/Incident Responder to support the Missile Defense Agency (MDA) on the Integrated Research and Development for Enterprise Solutions (IRES) contract at either the Redstone Arsenal in the Huntsville, AL area or Schriever Space Force Base in the Colorado Springs area.

Key Duties:

  • Perform Defensive Cyber Operations (DCO) and Cyber Security Service Provider (CSSP) tasks in accordance with Evaluator Scoring Metrics (ESM).
  • Conduct proactive and reactive cybersecurity operations to strengthen the security posture of customer networks.
  • Identify and respond to cyber incidents in alignment with CJCSM 6510.01B guidelines.
  • Lead cybersecurity incident investigations from start to finish, including data collection, analysis, and reporting.
  • Document all steps in the incident response process while preserving evidence and maintaining the chain of custody.
  • Analyze threat, asset, and vulnerability data to assess impact and enhance network defenses.
  • Mentor and train junior Cyber Defense Analysts and Incident Responders by supporting an established training plan.
  • Develop and maintain DCO procedures, processes, manuals, and documentation.
  • Use Cyber Threat Intelligence data to identify indicators of compromise and create SIEM signatures to detect attacks.
  • Collaborate with CSSP-CERT subscribers to develop and maintain security tool configurations, rules, and signatures.
  • Investigate and remediate discrepancies in logging and CSSP-CERT alignment in coordination with subscribers.
  • Deliver targeted training to support CSSP-CERT subscriber cyber defense and incident response efforts.
  • Analyze and report findings from ongoing cyber intrusions or incidents in compliance with CJCSM 6510.01B.
  • Support insider threat, law enforcement, and counterintelligence agencies during cyber incident investigations.

Required Skills, Experience, and Education:

  • Due to facility security requirements, only U.S. citizens are eligible for consideration at this time.
  • This position requires access to federal facilities. Candidates must possess a valid, unexpired Real ID-compliant driver's license or state-issued identification card at the time of hire. If you are unsure whether your ID is Real ID-compliant, please check for the star symbol in the upper portion of your driver's license or state ID.
  • Ability to complete a pre-employment background check and drug screening, which will include but is not limited to testing for marijuana use.
  • Active Secret Clearance (or higher).
  • Experience with MS Office Applications (e.g., Word, Excel, PowerPoint, Visio).
  • Ability to multitask and prioritize various projects and assignments in a dynamic work environment in order to meet scheduled/unscheduled customer requests.
  • Willing to work rotating shifts in a 24/7/365 operational environment.
  • Ability to respond quickly to emergencies as needed.
  • 4 or more years of directly related experience in information security, physical security, and/or cybersecurity.
  • 1 or more years of experience in a management or leadership position in a team environment.
  • Current DoD 8570.01-M IAT Level II certification with Continuing Education (CE) (e.g., CySA+, GICSP, GSEC, Security+ CE, SSCP).
  • Current DoD 8570.01-M CSSP Analyst, Incident Responder, and Auditor certification (e.g., CEH, CySA+).
  • High School diploma or equivalent and 6 or more years of general, full-time work experience, or Associate degree (or higher).

Desired Skills, Experience, and Education:

  • Bachelor's degree or higher in Cybersecurity, Computer Science, or a related field.
  • Experience with security analysis and implementing solutions in WAN/LAN environments, including routers, switches, network devices, and operating systems such as Windows and Linux.
  • Experience using Security Operations Center (SOC) or Defensive Cyber Operations (DCO) tools and applications, such as firewalls, intrusion detection/prevention systems, Network Security Manager, forward proxies, and spam firewalls.
  • Experience analyzing security compliance scans across wide area networks (ACAS/Nessus preferred).
  • Experience analyzing both network-based and host-based threats (ESS preferred).
  • Ability to mentor and train personnel in a dynamic, fast-paced environment.
  • Familiarity with Department of Defense Security Operations Centers (SOC).
  • Familiarity with DCO/Cybersecurity Service Provider (CSSP) security policies and procedures.
  • Active DoD Top Secret clearance.

Business Profile:

Cimarron is a global solutions company with a strategic partnering approach to satisfying customer-driven requirements. We ensure customer success with a modern approach and experienced leadership. Driven by an entrepreneurial spirit, Cimarron is fueled by highly skilled employees, developing new innovative technologies, and delivering superior products and services. We believe in recognizing employees' worth by offering competitive salaries and benefits, including health, dental, and vision insurance, 401(k) contributions, educational reimbursement, and much more. From company communication through Company-wide information meetings led by our President and CEO, to an Awards program designed to recognize our amazing employees and their accomplishments, you will not only feel like you are a part of a team, you will be a valued member of the Cimarron family. Cimarron is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, age, sex, sexual orientation, gender identity, religion, national origin, disability, veteran status, or any other characteristic protected by federal, state, or local law.