Cyber Defense Analyst - Jr

Cyber Defense Analyst – Jr

Position Title: Cyber Defense Analyst - Jr Program: SBA Enterprise Cybersecurity Services (ECS)

Position Summary

The Cyber Defense Analyst – Jr supports the Small Business Administration (SBA) Enterprise Cybersecurity Services (ECS) program by assisting with cybersecurity operations, monitoring, incident detection, event analysis, and cyber defense activities within the Security Operations Center (SOC). Under the supervision of senior cybersecurity personnel, the Cyber Defense Analyst – Jr monitors enterprise security tools, analyzes alerts and events, assists with incident response activities, and supports operational cybersecurity reporting and documentation. The role contributes to maintaining the confidentiality, integrity, and availability of SBA information systems and infrastructure.

Essential Duties and Responsibilities

• Support cybersecurity monitoring and cyber defense operations within the SBA SOC environment.
• Assist with 24x7x365 cybersecurity operations support activities in accordance with SBA ECS Task Area 3.5.3 requirements.
• Monitor and analyze security alerts generated by SIEM, EDR, IDS/IPS, firewall, and endpoint security tools.
• Assist in the identification, triage, escalation, and documentation of cybersecurity incidents and suspicious activities.
• Support incident response activities in accordance with SBA ECS Task Area 3.5.3.3 and NIST SP 800-61 incident response guidance.
• Review and analyze system logs, security events, and indicators of compromise.
• Document cybersecurity incidents, operational findings, and response actions within ticketing and case management systems.
• Assist senior analysts with malware analysis, phishing investigations, and threat analysis activities.
• Support containment and remediation efforts during cybersecurity incidents and operational events.
• Participate in threat monitoring and basic threat hunting activities across enterprise and cloud environments.
• Assist with vulnerability management coordination and remediation tracking activities.
• Maintain awareness of emerging cyber threats, vulnerabilities, and CISA advisories.
• Provide support for cloud security monitoring activities involving Microsoft 365, Azure, AWS, and hybrid environments.
• Participate in SOC shift turnover briefings, operational meetings, and incident coordination activities.
• Ensure accurate operational reporting and timely escalation of incidents based on severity and impact.
• Support cybersecurity compliance activities and adherence to federal security policies and procedures.
• Collaborate with Government personnel, engineers, administrators, and senior cybersecurity staff to support mission objectives.

Minimum Qualifications

• Bachelor's degree in Cybersecurity, Information Technology, Computer Science, Information Assurance, or related technical discipline. Relevant experience may substitute for degree requirements.
• Minimum of 3 years of experience supporting cybersecurity operations, SOC analysis, cyber defense, or incident response activities.
• Experience with cybersecurity monitoring tools including SIEM, EDR, IDS/IPS, and endpoint security solutions.
• Basic understanding of cybersecurity incident response processes, cyber defense operations, and threat analysis concepts.
• Experience reviewing security alerts, event logs, and system activity.
• Knowledge of federal cybersecurity standards and frameworks including NIST guidance.
• Understanding of cloud computing and cloud security concepts.
• Strong analytical, communication, and documentation skills.
• Ability to work in operational cybersecurity environments supporting rotating SOC shifts.

Preferred Certifications

• CompTIA Security+
• CompTIA CySA+
• GIAC Certified Incident Handler (GCIH)
• Certified Ethical Hacker (CEH)
• Splunk Core Certified User
• Microsoft Security, Compliance, and Identity Fundamentals
• AWS Certified Cloud Practitioner