VSE Aviation

IT Security Analyst

VSE Aviation, Florida, New York, United States


SUMMARY

The IT Security Analyst II serves as the primary internal responder and a critical member of VSE’s cybersecurity defense team, responsible for proactive threat detection, in‑depth analysis, and end‑to‑end incident response. This hands‑on role owns the discovery, triage, investigation, and resolution lifecycle for all alerts escalated by VSE’s managed SOC partner, driving containment and remediation while coordinating with IT, Security, Application, Service Desk, and Infrastructure teams to minimize business impact. The IT Security Analyst II acts as a subject matter expert for key security technologies and plays a key role in continuously improving VSE’s overall security posture across its aviation aftermarket, distribution, manufacturing, and MRO operations.

Responsibilities

Own the triage and investigation of all security alerts and incidents in alignment with VSE’s Incident Response (IR) framework, serving as the primary responder and escalation point in coordination with VSE’s managed SOC partner.

Perform advanced analysis of security alerts from multiple sources to identify true positives, detect emerging threats, and recommend containment and remediation strategies.

Serve as the primary point of contact for escalated incidents from Tier I analysts and managed SOC partners.

Own and continuously improve the incident response playbooks, ensuring procedures evolve with threat intelligence and adversarial trends.

Develop and implement SIEM use cases, correlation rules, and dashboards to improve detection accuracy and operational efficiency.

Manage and maintain endpoint, email, and cloud security platforms — ensuring configurations, policies, and rules are optimized for evolving threats.

Conduct phishing simulations and user behavior analysis; lead targeted awareness campaigns for high‑risk groups.

Perform root cause analysis for recurring incidents and propose technical or procedural remediation plans.

Collaborate closely with Network, Infrastructure, and Cloud teams to harden environments and ensure consistent enforcement of security controls.

Support security audits, penetration testing activities, and red/blue/purple team exercises — driving follow‑up actions to closure.

Generate metrics, reports, and trend analysis to inform leadership and support continuous improvement initiatives.

Act as the technical lead for specific security domains (e.g., SOAR/SIEM operations, incident response).

Guide team members in threat analysis and incident handling.

Contribute to policy and process development, ensuring alignment with regulatory frameworks and industry best practices.

Lead post‑incident reviews and lessons‑learned sessions to improve detection and response maturity.

Other duties as assigned.

Seniority level: Mid‑Senior level

Employment type: Full‑time

Job function: Information Technology

Industries: Aviation and Aerospace Component Manufacturing
