Job Requirements
Huntsville, AL
Top Secret Polygraph not specified
Career Level not specified
$90,000 - $145,000
Job Description
Cybersecurity Operations Analyst
Role Overview
This role centers on identifying, investigating, and mitigating cybersecurity incidents within complex, enterprise‑scale environments. The analyst will address advanced security challenges by applying modern defensive techniques and contributing to the continuous improvement of monitoring, detection, and response practices. The position requires a high level of autonomy, strong analytical judgment, and the ability to develop effective solutions under pressure.
In addition to hands‑on operational responsibilities, the role includes mentoring peers, providing technical leadership, and helping evolve incident response workflows and security operations methodologies.
Key Responsibilities
Detect, analyze, and respond to security incidents affecting enterprise systems and networks
Investigate suspicious activity, validate alerts, and determine root cause, scope, and impact of incidents
Apply structured incident response processes to contain, eradicate, and recover from cyber events
Leverage threat intelligence, behavioral indicators, and adversary tradecraft to identify advanced threats
Utilize security monitoring platforms and data‑driven analysis tools to support detection and response efforts
Contribute to the refinement of SOC processes, detection strategies, and response playbooks
Support environment hardening and preventive measures to reduce incident recurrence
Provide technical guidance, peer mentoring, and operational leadership within the security operations team
Communicate findings, risks, and recommendations clearly to technical teams and leadership audiences
Required Experience & Qualifications
3+ years of experience supporting enterprise IT, cybersecurity, or intelligence‑focused technical environments (Senior roles require 7+ years)
Experience operating within or supporting a Computer Incident Response Team, cyber operations group, or Security Operations Center
Familiarity with intelligence‑driven defense models and adversary behavior analysis frameworks
Strong understanding of incident response lifecycle, SOC best practices, and operational security standards
Hands‑on experience using security monitoring, log analysis, or security information management platforms
Knowledge of intrusion campaigns, threat actor tactics, techniques, and procedures
Active Top Secret security clearance
Bachelor’s degree required
Preferred Experience
Experience using cloud‑native or extensible security analytics platforms
Experience performing security monitoring and analysis with centralized log and event tools
Active TS/SCI eligibility
Industry certifications related to incident response, threat detection, or digital forensics, such as:
Continuous monitoring
Incident handling
Intrusion analysis
Network or cloud forensics
We offer roles across all three clearance levels: Confidential, Secret and Top Secret. With a Top Secret Facilities clearance, a proven subcontractor track record and a deep understanding of agencies across Defense, Intelligence, Homeland, Justice and Federal Civilian Sectors, Kforce brings more than 20 years of experience to supporting critical missions at federal, state and local levels.