Cyber Fusion Analyst

*Active TS/SCI clearance needed for consideration*

Zachary Piper Solutions seeks a Cyber Fusion Analyst to support a long standing DoD program. In this role, you will provide support with incident handling, triage of events, network analysis, threat detection, trend analysis, metric development, and vulnerability information dissemination. This is a full time role that is fully on-site in Fort Meade, MD.

Responsibilities:

• Leverage an array of network monitoring and detection capabilities (including netflow, custom application protocol logging, signature-based IDS, and full packet capture (PCAP) data) to identify cyber adversary activity.
• Support the development of Cyber Fusion standard operating procedures (SOPs), and Cyber Fusion Framework and Methodology based on industry best practice and Department of War instruction, guidance, and policy.
• Identify threats to the enterprise and provide mitigation strategies to improve security and reduce the attack surface.
• Perform analysis by leveraging serialized threat reporting, intelligence product sharing, OSINT, and open-source vulnerability information to ensure prioritized plans are developed.
• Analyze and document malicious cyber actors TTPs, providing recommendations and alignment to vulnerabilities and applicability to the enterprise operational environment.
• Discover adversary campaigns, anomalies and inconsistencies in sensor and system logs, SIEMs, and other data.
• Identify, investigate and rule out system compromises, with the capacity to provide written analytic summaries and attack life cycle visualizations.
• Provide risk assessments and recommendations based on analysis of technologies, threats, intelligence, and vulnerabilities.
• Offer recommendations to adjust enterprise or tactical countermeasures to for threats impacting the DOWIN.
• Collect analysis metrics and trending data, identify key trends, and provide situational awareness on these trends.

Qualifications:

• Bachelors Degree in related discipline
• 4+ years of experience
• Active DoD 8570.01-M Certification (Security+ CE, CCNA-Security, GSEC, SSCP, CySA+, GICSP, or CND)
• Active TS/SCI Clearance with eligibility for Polygraph
• In-depth knowledge of network and application protocols, cyber vulnerabilities and exploitation techniques and cyber threat/adversary methodologies.
• Proficiency with datasets, tools and protocols that support analysis (e.g. passive DNS, Virus Total, Recorded Future, TCP/IP, OSI, WHOIS, enumeration, threat indicators, malware analysis results, Wireshark, Splunk, Arcsight etc.).
• Experience with various open-source and commercial vendor portals, services and platforms that provide insight into how to identify and/or combat threats or vulnerabilities to the enterprise.
• Proficiency working with various types of network data (e.g. netflow, PCAP, custom application logs)

Compensation:

• $130,000 - $160,000 *based on experience*
• Health, Dental, Vision,
• 401K, PTO, Paid Holidays, Sick Leave if Required by Law

This job posting opens on 1/22/2026 and will remain open for at least 30 days from the posting date

#LI-CB1

Keywords: packet capture, cyber analyst, soc analyst, cyber engineer, top secret, TS/SCI, IDS, DoD networks, windows, Security+, active directory, CompTIA, troubleshooting, monitoring, end user support, red hat, linux, shell, scripting, CLI, VMware, ansible, top secret, intelligence community, intel, TS/SCI, information technology, infrastructure, systems engineer, administrator, windows, active directory, client, LDAP, CI Poly, counterintelligence, Fidelis, Security+ CE, CCNA-Security, GSEC, SSCP, CySA+, GICSP, CND, Windows, UNIX, Linux, Host-based Security System, Endpoint Security Suite (ESS), Splunk, Cribl, network security tools, intrusion detection systems, IDS, snort, suricata, corelight, intrustion prevention systems, IPS