-
Summary
Cybersecurity Operations Analyst Role Overview
This role centers on identifying, investigating, and mitigating cybersecurity incidents within complex, enterprise‑scale environments. The analyst will address advanced security challenges by applying modern defensive techniques and contributing to the continuous improvement of monitoring, detection, and response practices. The position requires a high level of autonomy, strong analytical judgment, and the ability to develop effective solutions under pressure.
In addition to hands‑on operational responsibilities, the role includes mentoring peers, providing technical leadership, and helping evolve incident response workflows and security operations methodologies. Key Responsibilities Detect, analyze, and respond to security incidents affecting enterprise systems and networks
Investigate suspicious activity, validate alerts, and determine root cause, scope, and impact of incidents
Apply structured incident response processes to contain, eradicate, and recover from cyber events
Leverage threat intelligence, behavioral indicators, and adversary tradecraft to identify advanced threats
Utilize security monitoring platforms and data‑driven analysis tools to support detection and response efforts
Contribute to the refinement of SOC processes, detection strategies, and response playbooks
Support environment hardening and preventive measures to reduce incident recurrence
Provide technical guidance, peer mentoring, and operational leadership within the security operations team
Communicate findings, risks, and recommendations clearly to technical teams and leadership audiences Required Experience & Qualifications 3+ years of experience supporting enterprise IT, cybersecurity, or intelligence‑focused technical environments (Senior roles require 7+ years)
Experience operating within or supporting a Computer Incident Response Team, cyber operations group, or Security Operations Center
Familiarity with intelligence‑driven defense models and adversary behavior analysis frameworks
Strong understanding of incident response lifecycle, SOC best practices, and operational security standards
Hands‑on experience using security monitoring, log analysis, or security information management platforms
Knowledge of intrusion campaigns, threat actor tactics, techniques, and procedures
Active Top Secret security clearance
Bachelor's degree required Preferred Experience Experience using cloud‑native or extensible security analytics platforms
Experience performing security monitoring and analysis with centralized log and event tools
Active TS/SCI eligibility
Industry certifications related to incident response, threat detection, or digital forensics, such as: Continuous monitoring
Incident handling
Intrusion analysis
Network or cloud forensics -
Job Description
Cybersecurity Operations Analyst Role Overview
This role centers on identifying, investigating, and mitigating cybersecurity incidents within complex, enterprise‑scale environments. The analyst will address advanced security challenges by applying modern defensive techniques and contributing to the continuous improvement of monitoring, detection, and response practices. The position requires a high level of autonomy, strong analytical judgment, and the ability to develop effective solutions under pressure.
In addition to hands‑on operational responsibilities, the role includes mentoring peers, providing technical leadership, and helping evolve incident response workflows and security operations methodologies. Key Responsibilities Detect, analyze, and respond to security incidents affecting enterprise systems and networks
Investigate suspicious activity, validate alerts, and determine root cause, scope, and impact of incidents
Apply structured incident response processes to contain, eradicate, and recover from cyber events
Leverage threat intelligence, behavioral indicators, and adversary tradecraft to identify advanced threats
Utilize security monitoring platforms and data‑driven analysis tools to support detection and response efforts
Contribute to the refinement of SOC processes, detection strategies, and response playbooks
Support environment hardening and preventive measures to reduce incident recurrence
Provide technical guidance, peer mentoring, and operational leadership within the security operations team
Communicate findings, risks, and recommendations clearly to technical teams and leadership audiences Required Experience & Qualifications 3+ years of experience supporting enterprise IT, cybersecurity, or intelligence‑focused technical environments (Senior roles require 7+ years)
Experience operating within or supporting a Computer Incident Response Team, cyber operations group, or Security Operations Center
Familiarity with intelligence‑driven defense models and adversary behavior analysis frameworks
Strong understanding of incident response lifecycle, SOC best practices, and operational security standards
Hands‑on experience using security monitoring, log analysis, or security information management platforms
Knowledge of intrusion campaigns, threat actor tactics, techniques, and procedures
Active Top Secret security clearance
Bachelor's degree required Preferred Experience Experience using cloud‑native or extensible security analytics platforms
Experience performing security monitoring and analysis with centralized log and event tools
Active TS/SCI eligibility
Industry certifications related to incident response, threat detection, or digital forensics, such as: Continuous monitoring
Incident handling
Intrusion analysis
Network or cloud forensics -
ABOUT THE COMPANY
-
-
Government Careers
Show moreGovernment jobs offer stability, competitive benefits, and the chance to make a meaningful impact on your community and country.
Whether you’re starting your career or seeking new opportunities, these roles provide pathways for growth, security, and service.
Explore positions across a wide range of fields and take the first step toward a rewarding future in public service.
-