Cyber Defense Analyst

Cyber Defense Analyst

Veilant is looking for a Cyber Defense Analyst to join our Information Security team and help defend our enterprise environment against active and emerging cyber threats.

In this role, you will monitor network and endpoint activity, investigate security alerts, tune detections, and help surface anomalous behavior across our SIEM and EDR stack, including Microsoft Defender for Endpoint, Elastic, and Splunk.

This role is ideal for someone with a strong technical foundation, curiosity about how systems behave, and hands-on interest in alert triage, detection engineering, threat hunting, and incident response.

What You'll Do

• Monitor endpoint and network activity using Microsoft Defender for Endpoint, Elastic, Splunk, and related security tools.
• Triage and investigate alerts, distinguishing benign activity from suspicious or malicious behavior.
• Develop, tune, and maintain detections using KQL, ES|QL, SQL, SPL, or similar query languages.
• Translate threat intelligence, IOCs, TTPs, and emerging threat reporting into actionable detections, dashboards, queries, and hunts.
• Conduct targeted threat hunts using frameworks such as MITRE ATT&CK.
• Document incidents, including timelines, indicators, scope, findings, remediation steps, and lessons learned.
• Build dashboards and visualizations that improve visibility into enterprise activity and anomalies.
• Contribute to playbooks that improve the team's speed, consistency, and effectiveness during investigations.
• Collaborate with security, IT, and Engineering teams to support investigations and response activities.

What Success Looks Like

In the first six months, you will build a working understanding of Veilant's environment, independently triage alerts, improve detection logic, contribute to threat hunts, document incidents, and help strengthen playbooks that make the team faster and more effective.

Qualifications

Must Haves:

• Four-year degree in Computer Science, Cybersecurity, Computer Engineering, or a related field, or equivalent hands-on experience in cybersecurity, networking, systems administration, systems engineering, military cyber operations, information warfare, communications, intelligence, or secure enterprise operations.
• At least two years of experience in cybersecurity, networking, systems administration, systems engineering, cyber operations, or a related technical role.
• Working knowledge of Windows Workstation and Windows Server operating systems.
• Knowledge of network protocols, traffic patterns, and common attack behaviors.
• Experience with one or more of the following:
  • EDR platforms
  • SIEM platforms
  • Vulnerability management tools
  • Threat intelligence sources
  • Log analysis, alert triage, or incident investigation workflows
• Ability to investigate alerts, correlate evidence across data sources, and escalate findings clearly.
• Ability to write, modify, or tune detections using KQL, ES|QL, SQL, SPL, or similar query languages.
• Familiarity with using AI tools to support investigations, analysis, documentation, or workflow efficiency.
• Strong problem-solving, communication, and documentation skills.
• Must be eligible to obtain a U.S. Government Security Clearance.

Additional Information

Why You'll Love Working Here:

• Innovative Environment: Work in a setting where your ideas and expertise are valued.
• Collaborative Culture: Be part of a team that supports each other and works toward shared goals.
• Career Growth: Opportunities for professional development and career advancement.

Here are some Perks!

• Flexible PTO + holidays
• Generous 401k match benefit up to 10%, with an automatic 3% safe harbor contribution and additional matching based on employee contributions.
• Medical (HSA & PPO Plans Available), dental, vision, disability, and life insurance
• Employer Contribution to Health Savings Account (HSA)
• Learning & Development opportunities
• Professional coaching services
• Get the technology you want to do your job
• We have free daily snacks & drinks

Physical Requirements:

• Must be able to remain in a stationary position 50% of the time. The person in this position needs to occasionally move about inside the office
• Constantly work with computers and other information technology equipment
• The ability to communicate information and ideas in a classroom style format, may stand at a podium for long periods of time

We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender, gender identity or expression, veteran status, or any other characteristic protected by law. We are proud to be an equal opportunity workplace.