Job Requirements
Central Maryland, MD
Top Secret/SCI Polygraph
Career Level not specified
Salary not specified
Job Description
RealmOne was built on the principle that people matter first and foremost. We believe in providing a strong work/life balance by investing in our employees and encouraging professional and personal growth. We do this by offering exceptional benefits, flexible schedules, and the tools necessary to achieve success through paid training, mentoring, and the opportunity to work alongside top-notch industry professionals.
Join us on this journey as we execute this mission-critical contract providing high-end analytics and data science services within the REALM of cybersecurity.
Your effort and expertise are crucial to the success and execution of this impactful mission, which ensures mission success through Security Engineering, Risk Management and Assessment, and Insider Threat Analysis by improving, protecting, and defending our Nation's Security.
Job Description:
The Cyber Defense Analyst 3 - HUNT serves as a senior member of the Security Operations Center (SOC), leading proactive threat hunting activities to identify, analyze, and mitigate advanced cyber threats across enterprise environments. This role requires deep technical expertise, strong analytical capabilities, and the ability to guide junior analysts while enhancing the organization's detection and response posture.
The Cyber Defense Analyst 3 shall possess the following capabilities:
- Lead proactive threat hunting operations using hypothesis-driven and intelligence-driven methodologies across network, endpoint, and cloud environments.
- Analyze large datasets (e.g., SIEM, EDR, NetFlow, logs) to identify anomalous behavior, indicators of compromise (IOCs), and adversary tactics, techniques, and procedures (TTPs).
- Develop and refine detection use cases, signatures, and analytic rules to improve SOC visibility and reduce dwell time.
- Conduct deep-dive investigations into complex security incidents and provide expert-level incident response support.
- Leverage frameworks such as MITRE ATT&CK to map adversary behavior and improve threat detection coverage.
- Collaborate with threat intelligence teams to operationalize intelligence into actionable hunt missions.
- Document hunt findings, incident reports, and recommendations for leadership and stakeholders.
- Continuously evaluate and integrate new tools, technologies, and methodologies to improve threat detection and response.
- Eight (8) years Cyber Defense Analyst experience.
- Two (2) years TCP/IP fundamentals experience.
- Two (2) years Wireshark or tcpdump experience.
- Three (3) years SIEM experience (Splunk, ArcSight, Kibana, LogRhythm).
- Three (3) years network analysis and threat analysis experience.
- Experience conducting advanced threat hunting operations.
- Experience analyzing adversary activity and intrusion methods.
- 8x5 schedule.
- DoD 8570 compliance with CSSP Analyst baseline certification.
- Information Assurance Technical (IAT) Level I or Level II certification.
- Computing Environment (CE) certification. The CE certification requirement can be fulfilled with either a Microsoft OS or a CentOS/Red Hat OS CE certification.
- Global Information Assurance Certification (GIAC) Certified Incident Handler (GCIH) certificate or Certified Intrusion Analyst (GCIA) certificate.
- Splunk software training course "Fundamentals 1".