Cyber Defense Analyst - Lead

Posted 7 Days Ago
Washington, DC, USA
In-Office
Senior level
Software
The Role
The Cyber Defense Analyst - Lead conducts advanced cybersecurity operations and incident response, monitors tools, analyzes threats, and provides mentorship.
Position Title: Cyber Defense Analyst – Lead
Program: SBA – Enterprise Cybersecurity Services (ECS)

Position Summary
The Cyber Defense Analyst – Lead serves as a senior-level cybersecurity operations and incident response professional supporting the SBA Enterprise Cybersecurity Services (ECS) program. The position provides advanced technical expertise in cybersecurity monitoring, incident response, cyber defense analysis, threat hunting, malware analysis, forensic investigation, vulnerability assessment coordination, and operational reporting. The Cyber Defense Analyst – Lead works collaboratively with SOC analysts, engineers, system administrators, ISSOs, cloud teams, and Government stakeholders to protect enterprise systems and respond to cybersecurity threats across hybrid and cloud-based environments.

Essential Duties and Responsibilities
  • Perform advanced cyber defense and incident response activities supporting enterprise SOC operations.
  • Support incident response activities identified under RFQ Task Area 3.5.3.3.
  • Analyze cybersecurity alerts, network traffic, endpoint activity, system logs, and indicators of compromise (IOC).
  • Conduct advanced triage, investigation, containment, eradication, and recovery activities for cybersecurity incidents.
  • Provide technical support for 24x7x365 cybersecurity monitoring and cyber defense operations.
  • Perform cyber threat hunting activities across enterprise networks, cloud environments, and endpoint platforms.
  • Support forensic investigations, malware analysis, root cause analysis, and evidence collection activities.
  • Correlate threat intelligence information with security events and operational indicators.
  • Monitor and operate cybersecurity tools including SIEM, EDR, IDS/IPS, vulnerability scanners, and security analytics platforms.
  • Support development and refinement of incident response procedures, playbooks, and standard operating procedures.
  • Provide operational analysis and recommendations regarding emerging threats, attack trends, and cybersecurity risks.
  • Coordinate cybersecurity incident response activities with internal teams, federal stakeholders, and external partners.
  • Support vulnerability management activities including remediation coordination, validation testing, and risk analysis.
  • Assist with operational reporting, cybersecurity metrics, dashboards, and executive briefings.
  • Document cybersecurity incidents, investigative findings, response actions, and lessons learned.
  • Support cloud security monitoring activities within Azure, AWS, Microsoft 365, and hybrid enterprise environments.
  • Ensure incident response and cyber defense activities align with NIST SP 800-61, NIST SP 800-53, CISA guidance, and FISMA requirements.
  • Provide mentorship and technical guidance to junior analysts and SOC personnel.
  • Participate in cybersecurity exercises, operational readiness activities, and continuous improvement initiatives.
  • Support coordination activities with law enforcement, OIG, privacy, and legal teams as required.
Minimum Qualifications
  • Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, Information Assurance, Engineering, or related technical discipline. Additional relevant experience may substitute for degree requirements.
  • Minimum of 8 years of cybersecurity operations, cyber defense, SOC analysis, or incident response experience.
  • Minimum of 5 years supporting federal cybersecurity operations or incident response activities.
  • Hands-on experience with SIEM, EDR, IDS/IPS, network security monitoring, threat intelligence, and forensic analysis tools.
  • Experience conducting incident triage, malware analysis, root cause analysis, and cyber threat hunting activities.
  • Experience supporting cloud security operations across AWS, Azure, Microsoft 365, or hybrid enterprise environments.
  • Strong knowledge of federal cybersecurity standards and frameworks including FISMA, NIST RMF, NIST SP 800-53 Rev. 5, and NIST SP 800-61.
  • Experience analyzing security events, attack vectors, indicators of compromise, and adversarial tactics and techniques.
  • Strong analytical, communication, documentation, and problem-solving skills.
  • Ability to work effectively in high-tempo operational environments supporting 24x7 cybersecurity operations.
Preferred Certifications
  • Certified Information Systems Security Professional (CISSP)
  • GIAC Certified Incident Handler (GCIH)
  • GIAC Certified Forensic Analyst (GCFA)
  • GIAC Certified Intrusion Analyst (GCIA)
  • CompTIA CySA+
  • Certified Ethical Hacker (CEH)
  • CompTIA Security+
  • Splunk Certified Power User or SIEM-related certification
  • AWS or Microsoft Azure Security Certifications
The Company
HQ: Largo, MD
25 Employees
Year Founded: 2006

What We Do

Established in 2006, cFocus Software automates FedRAMP compliance and develops government chatbots for the Azure Government Cloud, Office 365, and SharePoint. cFocus Software is the exclusive vendor of ATO (Authority To Operate) as a Service™, which automates FedRAMP compliance for the Azure Government Cloud and Office 365. Contact Us for a demo of ATO as a Service™ or a FREE government chatbot proof of concept project today!