Cybersecurity Analyst Watch Floor Operations

Join to apply for the Cybersecurity Analyst Watch Floor Operations role at TekSynap

3 days ago Be among the first 25 applicants

Join to apply for the Cybersecurity Analyst Watch Floor Operations role at TekSynap

Get AI-powered advice on this job and more exclusive features.

TEAM SUMMARY
Supports the cybersecurity watch floor, playing a crucial role in a government agency's cybersecurity defense strategy. Operating around the clock, 24/7, 365 days a year, this dynamic team ensures the timely detection and resolution of potential security incidents, thereby minimizing the impact of cyber threats on the organization. Comprising skilled security professionals, the watch floor team is responsible for actively detecting, monitoring, preventing, and analyzing real-time cybersecurity information, events, and threats. Serving as the operational hub, the watch floor plays a critical role in safeguarding the confidentiality, integrity, and availability of the organization's information assets.

Responsibilities & Qualifications

TEAM SUMMARY

Supports the cybersecurity watch floor, playing a crucial role in a government agency's cybersecurity defense strategy. Operating around the clock, 24/7, 365 days a year, this dynamic team ensures the timely detection and resolution of potential security incidents, thereby minimizing the impact of cyber threats on the organization. Comprising skilled security professionals, the watch floor team is responsible for actively detecting, monitoring, preventing, and analyzing real-time cybersecurity information, events, and threats. Serving as the operational hub, the watch floor plays a critical role in safeguarding the confidentiality, integrity, and availability of the organization's information assets.

Activities & Responsibilities

• Monitor cybersecurity dashboards and alerts on a 24/7/365 watch floor
• Analyze security events to identify suspicious behavior or potential incidents
• Escalate and coordinate response efforts for active threats
• Maintain situational awareness of current threats and vulnerabilities
• Assist in tuning and improving alerting thresholds in SIEM tools
• Create and maintain standard operating procedures (SOPs)
• Participate in cybersecurity drills and incident response exercises
• Collaborate with intelligence and threat analysis teams to enhance detection capabilities
• Document incidents and contribute to after-action reviews and reports
• Provide input on improving cybersecurity architecture and tooling

Skills

• Cybersecurity & Threat Intelligence
• Real-time threat monitoring and incident detection
• Security information and event management (SIEM) expertise (especially Splunk Enterprise Security)
• Knowledge of threat actors, tactics, techniques, and procedures (TTPs)
• Familiarity with threat intelligence feeds and correlation

• Security Operations & Incident Response
• Incident triage and escalation procedures
• Conducting forensic analysis and evidence collection
• Threat hunting and anomaly detection
• Root cause analysis and post-incident reporting

• Technical & Analytical Proficiency
• Network traffic analysis and packet capture interpretation
• Endpoint detection and response (EDR) tools and techniques
• Log analysis (system, application, network, firewall)
• Knowledge of intrusion detection/prevention systems (IDS/IPS)

• Scripting or automation with Python, PowerShell, or Bash (bonus)
• Security Frameworks & Compliance - Familiarity with frameworks such as NIST, MITRE ATT&CK, or ISO 27001
• Understanding of government cybersecurity regulations and FISMA compliance

Required Qualifications

• Bachelor's degree, preferably in an IT-related field
• 10+ years of experience in IT with a minimum of 4 years in Cybersecurity
• Active TS Clearance
• Experience with Splunk Enterprise Security

Preferred Qualifications & Competencies

• Experience with Microsoft Sentinel
• Related certifications, such as GIAC IAC Continuous Monitoring Certification (GMON), Certified Incident Handler (GCIH), Certified Forensic Analyst (GCFA), Certified Intrusion Analyst (GCIA), Network Forensic Analyst (GNFA), Cloud Threat Detection (GCTD), and/or Cloud Forensics Responder (GCFR)

Overview

We are seeking an experienced Cybersecurity Analyst/Watch Floor Operations in support of a government customer to join our team. The Program Manager will be responsible for ensuring the successful execution of multiple IT initiatives, ensuring alignment with customer objectives, and managing project scope, schedule, budget, and risk. This role requires strong leadership, communication, and problem-solving skills to drive efficiency and deliver results.

TekSynap is a fast-growing high-tech company that understands both the pace of technology today and the need to have a comprehensive well-planned information management environment. “Technology moving at the speed of thought” embodies these principles – the need to nimbly utilize the best that information technology offers to meet the business needs of our Federal Government customers.

We offer our full-time employees a competitive benefits package including health, dental, vision, 401K, life insurance, short-term and long-term disability plans, vacation time, and holidays.

Visit us at www.TekSynap.com. Apply now to explore jobs with us!

The safety and health of our employees is of the utmost importance. Employees are required to comply with any contractually mandated Federal COVID-19 requirements. More information can be found here.

Additional Job Information

WORK ENVIRONMENT AND PHYSICAL DEMANDS

The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of the job. Reasonable accommodation may be made to enable individuals with disabilities to perform the essential functions.

• Location: Huntsville Alabama
• Remote or In-Person: On site
• Type of environment: Office
• Noise level: Medium
• Work schedule: Day shift Monday – Friday.
• Amount of Travel: Less than 10%

PHYSICAL DEMANDS

The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

WORK AUTHORIZATION/SECURITY CLEARANCE

• Active Top Secret Clearance Required

Other Duties

Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities, and activities may change at any time with or without notice.

EQUAL EMPLOYMENT OPPORTUNITY

In order to provide equal employment and advancement opportunities to all individuals, employment decisions will be based on merit, qualifications, and abilities. TekSynap does not discriminate against any person because of race, color, creed, religion, sex, national origin, disability, age, genetic information, or any other characteristic protected by law (referred to as “protected status”). This nondiscrimination policy extends to all terms, conditions, and privileges of employment as well as the use of all company facilities, participation in all company-sponsored activities, and all employment actions such as promotions, compensation, benefits, and termination of employment.