Cyber Security Operations Incident Responder/Swing- Shift Lead Analyst
$120k - $170kTekSynap
Job Description
Job Description
Overview
We are seeking a Cyber Security Operations Incident Responder/Swing- Shift Lead Analyst to support our Prime Contract with the Defense Threat Reduction Agency at Fort Belvoir. This position requires an active Top-Secret Clearance and a DOD IAT level II and CSSP Analyst Support certification is required.
TekSynap is a fast growing high-tech company that understands both the pace of technology today and the need to have a comprehensive well planned information management environment. “Technology moving at the speed of thought” embodies these principles – the need to nimbly utilize the best that information technology offers to meet the business needs of our Federal Government customers.
We offer our full-time employees a competitive benefits package to include health, dental, vision, 401K, life insurance, short-term and long-term disability plans, vacation time and holidays.
Visit us at
Apply now to explore jobs with us!
The safety and health of our employees is of the utmost importance. Employees are required to comply with any vaccination requirements mandated by contract, applicable law or regulation.
By applying to a role at TekSynap you are providing consent to receive text messages regarding your interview and employment status. If at any time you would like to opt out of text messaging, respond "STOP". As part of the application process, you agree that TekSynap Corporation may retain and use your name, e-mail, and contact information for purposes related to employment consideration.
Responsibilities
RESPONSIBILITIES
- Collect and analyze network and/or host artifacts from a variety of sources to include logs, system images and packet captures to characterize activity, determine root cause, operational impact, and to enable rapid remediation and/or mitigation of cyber threats within the Enterprise Network through the investigation process.
- Perform cyber incident triage; to include determining scope, urgency, and potential impact; identifying the specific vulnerability; and making recommendations that enable expeditious remediation.
- Must have working knowledge of the DoDI 8530.01 (Cybersecurity Activities Support to DoD Information Network Operations)
- Must be proficient with Splunk SIEM or similar tools.
- Provide expert technical support and perform real-time cyber defense incident handling (e.g., forensic collections, intrusion correlation and tracking, threat analysis, and direct system remediation) tasks to support subordinate organizations and system owners.
- Manage and document cyber defense incidents from initial detection through final resolution methods.
- Provide technical guidance to Tier I analysts and QA alert closures for the shift.
- Maintain an average of at least two new detection use cases per month during each year of contract execution. Detection use cases shall be based on current threats, the MITRE ATT&CK framework, or Government direction.
- Maintain metadata for all detection use cases to include use case, owner, number of false positives identified, number of true positives identified, and average time to execute (based on incident detection monitoring analyst feedback).
- Analyze all completed incident records and make improvements to related detection use cases.
- Collect and analyze network and/or host artifacts from a variety of sources to include logs, system images and packet captures to characterize activity, determine root cause, operational impact, and to enable rapid remediation and/or mitigation of cyber threats within the Enterprise Network through the investigation process.
- Make recommendations to correlation rules, filters, signatures, or plays to enhance overall effectiveness by lowering false/benign-positive rates. Track and validate refinement requests and provide metrics for these activities monthly.
- Assist with developing methods for automating the execution of incident detection use cases that result in false-positive rates below 10%. Provide monthly reports on new automation actions and their results.
- At the direction and under the supervision of Government personnel, validate the effectiveness of any plays created by emulating adversary tactics to trigger the necessary alerts (blue team).
- Demonstrate effectiveness by creating detection use cases that successfully detect Red Team (penetration testing) activity.
- Utilize the MITRE ATT&CK matrix and other threat frameworks to develop detection use cases. Continually refine these processes with the goal of automating their execution.
- Provide subject matter expertise in creation, editing, and management of signatures, rules and filters for specialized network defense systems including but not limited to network and ESS IDS, IPS, firewall, web application firewall, proxy and SIEM systems.
- Perform duties as the alternate of the D&R technical lead when needed and effectively disseminate taskings among the team under the guidance of the technical lead.
REQUIRED QUALIFICATIONS
- Minimum of a Top-Secret Clearance with SCI eligibility
- DOD 8570 IAT II and CSSP Analyst Certifications (DoD 8140)
- BS 5-7 Years, MS 3-5, PhD 0-2
- Experience with cyber security architecture principles that achieve cybersecurity framework goals
Qualifications
WORK ENVIRONMENT AND PHYSICAL DEMANDS
The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of the job. Reasonable accommodation may be made to enable individuals with disabilities to perform the essential functions.
- Location: Fort Belvoir, VA
- Type of environment: Office
- Noise level: Low
- Work schedule: Swing Shift: 1400-2200 Thursday - Sunday. May be requested to work evenings and weekends to meet program and contract needs.
- Amount of Travel: 10%
PHYSICAL DEMANDS
The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
While performing the duties of this job, the employee is regularly required to use hands to handle, feel, touch; reach with hands and arms; talk and hear. The employee is regularly required to stand; walk; sit; climb or balance; and stoop, kneel, crouch, or crawl. The employee is regularly required to lift up to 10 pounds. The employee is frequently required to lift up to 25 pounds; and up to 50 pounds. The vision requirements include close vision, distance vision, peripheral vision, depth perception, and ability to adjust focus.
WORK AUTHORIZATION/SECURITY CLEARANCE
- U.S Citizenship Required
- Top Secret Clearance with SCI Eligibility required
WAGE INFORMATION
Target salary range: $120,000.00 - $170,000.00. The salary range displayed is an estimate only and is not a guarantee of compensation or salary, and will be determined on several factors regarding the individual’s particular combination of education, knowledge, skills, competencies and experience, as well as contract parameters and organizational requirements. The displayed salary is one component of the total compensation package for employees.
OTHER DUTIES
Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities and activities may change at any time with or without notice.
TekSynap is a drug-free workplace. We reserve the right to conduct drug testing in accordance with federal, state, and local laws. All employees and candidates may be subject to drug screening if deemed necessary to ensure a safe and compliant working environment.
Many positions require specific certifications and/or the ability to obtain a security clearance. Security clearances may only be granted to U.S. citizens. Applicants who accept an offer of employment may be subject to investigations performed by TekSynap and/or the Government to verify the candidate meets the required qualifications and other eligibility requirements.
EQUAL EMPLOYMENT OPPORTUNITY
In order to provide equal employment and advancement opportunities to all individuals, employment decisions will be based on merit, qualifications, and abilities. TekSynap does not discriminate against any person because of race, color, creed, religion, sex, sexual orientation, gender identity, protected veteran status, national origin, disability, age, genetic information or any other characteristic protected by law (referred to as “protected status”). This nondiscrimination policy extends to all terms, conditions, and privileges of employment as well as the use of all company facilities, participation in all company-sponsored activities, and all employment actions such as promotions, compensation, benefits, and termination of employment.
TekSynap is committed to ensuring that our online application process provides an equal employment opportunity to all job seekers, including individuals with disabilities. If you believe you need a reasonable accommodation in order to search for a job opening or to submit an application, please contact View email address on ziprecruiter.com for assistance.
$120k - $170k
Overview We are seeking a Cyber Security Operations Incident Responder/Swing‑Shift Lead Analyst to support our Prime Contract with the Defense Threat Reduction Agency at Fort Belvoir. This position requires an active Top‑Secret Clearance and a DOD IAT Level II and CSSP...Afternoon shiftOperationsContract workWork at officeShift workWeekend work- TekSynap is seeking a Cyber Security Operations Incident Responder/ Swing-Shift Lead Analyst to support the Defense Threat Reduction Agency at Fort Belvoir. The role requires active Top-Secret clearance with SCI eligibility and CSSP Analyst certification, working 0600-...Afternoon shiftOperations
$120k - $170k
...Overview We are seeking a Cyber Security Protect Analyst Lead to support our Prime... ...opt out of text messaging, respond "STOP". As part of the... ...and ensures all defensive operations strictly align with DoD 8... ...documenting security threats, incident trends, risk mitigation...Afternoon shiftOperationsFull timeContract workTemporary workWork at officeLocal areaMonday to FridayWeekend work- ...we want to hear from you. We lead with technical expertise, but... ...are dot‑connecting leaders that operate in a mutually accountable... ...Technologies is seeking a Dissemination Analyst Team Lead to join our company.... ...by overseeing the timely, secure, and policy‑compliant...Operations
- AnaVation is seeking a Security Analyst (Incident Responder) to assist client leadership with vulnerability management and incident response activities. This hybrid role may require periodic onsite attendance at our client location in Alexandria, VA. Remote status may...SuggestedRemote work
- Northern Technologies Group is looking for a Security Operations Center (SOC) Analyst in Alexandria, Virginia. This role involves monitoring and responding to cybersecurity incidents, requiring strong analytical skills and experience in SOC operations. The ideal candidate...Operations
$138k - $209k
...alongside industry-leading experts, in an... ...join AIS as a Security Architect. Core... ...our client as a Incident Management Lead.... ...managing advanced cyber defense operations, and guiding teams... ...analyzing, and responding to cybersecurity... ...responders, analysts, and penetration...OperationsContract workTemporary work- ...RiVidium is seeking an Incident Response Lead to support our... ...Cybersecurity, and Data Operations - Core Operations and... ...Responsibilities Lead cyber incident response... ...technical environments with shift-based or on-call... ...Government personnel security requirements for the...OperationsFull timeContract workPart timeShift workNight shift
- AnaVation is seeking a Security Analyst (Incident Responder) to support client leadership with vulnerability management and incident response activities... ...team members and presenting findings clearly. You'll lead IR operations, monitor EDR and SIEM tools, perform risk-based...Operations
- Bluehawk, LLC is seeking a Senior HUMINT Analyst to support strategic intelligence operations across IC and DoD environments. The role emphasizes high-tempo analysis, targeting, and executive-level briefings, with a focus on integrating all-source information and delivering...Operations
- The Cybersecurity Lead will serve as a “Dual... ...for the team, operating with a 70% technical... ...for the entire incident response lifecycle... ...correlation within SIEM (Security Information and... ...and future cyber threats. Individual... ...systems and networks. Respond to requests for...OperationsLocal area
- Title: Incident Response Lead (Full-Time/Part-Time) RiVidium is seeking... ..., and Data Operations - Core Operations and... ...Responsibilities Lead cyber incident response coordination... ...environments with shift-based or on-call... ...Government personnel security requirements for the...OperationsFull timeContract workPart timeShift workNight shift
- ...LLC is seeking a highly experienced HUMINT Analyst (Senior) to support strategic HUMINT analysis, targeting, and intelligence operations within the Intelligence Community (IC)... ...mission requirements supporting national security objectives. Produce strategic and operational...OperationsFull time
$110k - $130k
Overview The SharePoint Analyst Lead analyzes user needs to determine... ...collaboration solutions and ensuring operational continuity across SharePoint... ...driving user adoption of secure and efficient modern... ...Dynamics CRM service requests, incidents, and user inquiries (...OperationsFull timeContract workImmediate start- AnaVation LLC is seeking a Security Analyst (Incident Responder) to join our hybrid team in Alexandria, VA. The role leads IR activities, performs vulnerability analysis, and reports to client leadership, with hands-on use of CrowdStrike, Splunk, and TenableSC. You will...
- Leidos' Digital sector seeks a SOC Analyst for our Alexandria, VA team. You will analyze... ...customer networks and endpoints, and support incident investigations. You will document... ...required, along with 4+ years in incident response and SOC operations. #J-18808-Ljbffr LeidosOperations
$95k - $103k
...seeking a Mid. All Source Analyst (Intelligence Operations and Requirement Shift Lead) to support a federal... ...with market data. Security clearance required TS/SCI... ...Intelligence Community. Respond to general inquiries... ...System (AMHS) for Serious Incident Reports (SIR), OPREP-3s...OperationsFor contractorsWork at officeImmediate startWorldwideShift work- VHC Health is looking for an Epic Clinical Analyst II to develop and manage Epic application solutions. This position requires strong... ...and support, along with a solid background in healthcare operations. The ideal candidate will have extensive experience with Epic...Operations
- ...Health in Alexandria, Virginia is seeking an Epic Clinical Analyst III to lead the design, implementation, and support of Epic EMR applications... ...systems deployment and a strong background in healthcare operations. The ideal candidate will have hands-on experience with...Operations
$195k - $205k
Akima is seeking an IT Operations Manager in Alexandria, Virginia. The role demands expertise... ...compliance with DoD standards, and leading a team in providing technical support. Key... ...ensuring COOP compliance, and managing incidents efficiently. The ideal candidate will have...Operations$112.8k - $257k
...Number: R0239366 Enterprise Architect, Lead The Opportunity Designs enterprise architecture... ...provides highly innovative solutions. Operates with substantial latitude for unreviewed... ...across key areas, such as development, cyber security, data engineering and analytics, and...OperationsFull timeContract workPart timeWork at officeLocal areaRemote work$86.8k - $198k
...Risk Management Analyst, Lead The Opportunity: Manage the application... ..., preventing, mitigating, responding to and recovering from... ...highly innovative solutions. Operate with substantial latitude for... ...will be subject to a security investigation and may need to...Full timeContract workPart timeWork at officeLocal areaRemote work- ...Federal in Alexandria, Virginia, seeks a Cybersecurity Lead Manager (SIEM & Enterprise Operations Focus) to provide strategic leadership, program... ...federal cybersecurity programs, with expertise in RMF/A&A, SIEM, and incident response. #J-18808-Ljbffr ASRC FederalOperations
- ...seeking a highly motivated Security Operations Center (SOC) Analyst to support a mission-... ..., investigating, and responding to cybersecurity events and incidents across enterprise... ...incident response, cyber defense operations, threat... .... Participate in shift operations supporting...OperationsContract workLocal areaShift workDay shift
- ASRC Federal is a leading government contractor furthering missions... ...corporation, our work helps secure an enduring future for our shareholders... ...Manager (SIEM & Enterprise Operations Focus) to support the... ...monitoring, vulnerability management, incident response, cloud security, and...OperationsContract workFor contractors
- ...Job Description Job Description Overview We are seeking an experienced and dedicated HVAC Lead Installer to join our team in Maitland, FL. As a key player in our operations, you will be responsible for overseeing the installation of heating, ventilation, and air...Afternoon shiftOperationsFlexible hours
- ...staffing for a Senior Program Analyst , supporting the Army’s... ...Information Develops/Updates/Responds to Program Management Reports... ...Work collectively with other operations or project managers across the... ...Project Management certification. Security Clearance Secret We offer a...OperationsContract workWork at officeLocal areaFlexible hours
- ...maintaining systems, programming, and operations documentation procedures and... ...are seeking a Business Data Analyst II to join our team! TekSynap... ...schedule: Schedule is day shift Monday – Friday. May be... ...focus. Work Authorization / Security Clearance U.S. Citizen CLEARANCE...Afternoon shiftOperationsFull timeContract workTemporary workWork at officeLocal areaMonday to FridayWeekend workDay shift
$17 - $19 per hour
...boardroom, these values guide how we lead, collaborate, and show up for... .... You’ll rotate through key operational areas – Sales & Service,... ..., and the skills to run a shift like a pro.No need to be a fully... ...safety policies and complete incident reports when necessary.Ensure...Afternoon shiftOperationsFull timePart timeWork at officeAll shiftsFlexible hoursShift workWeekend work$90k
...intricate issues and ensuring a more secure future. Team Lead Firewall Administrator We are... ...manage personnel and monitor operational performance under direction... ...or system vulnerabilities. Respond appropriately to reported or identified incidents in accordance with the...OperationsLocal areaImmediate startRemote work
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to Cyber Security Operations Incident Responder/Swing- Shift Lead Analyst. Be the first to apply!
- law enforcement response team analyst Fort Belvoir, VA
- command center analyst Fort Belvoir, VA
- senior analyst Fort Belvoir, VA
- health analyst Fort Belvoir, VA
- agriculture analyst Fort Belvoir, VA
- online analyst Fort Belvoir, VA
- disability analyst Fort Belvoir, VA
- mental health analyst Fort Belvoir, VA
- remote analyst Fort Belvoir, VA
- local content analyst Fort Belvoir, VA


