Cyber Defense Operator

Cyber Defense Operations Analyst Location: Onu2011site at Lackland, AFB Clearance Required: Active TS/SCI Experience Level: Junior Level (with relevant technical experience) About the Opportunity TEKsystems is supporting a highu2011visibility Cyber Defense Operations (CDO) mission responsible for defending one of the largest and most complex networks in the Department of Defense. Analysts provide 24/7 realu2011time monitoring, detection, and response against advanced cyber threats, working within a highly collaborative, missionu2011critical environment. This role is ideal for professionals passionate about handsu2011on security operations, intrusion detection, threat analysis, and incident triageu2014especially those with SOC experience and advanced digital forensics knowledge. What Youu2019ll Work On + Investigate endpoint security alerts using tools such as Tanium and Microsoft Defender for Endpoint. + Analyze security events using SIEM, EDR, IDS, and malware analysis platforms to triage and complete cyber investigations. + Triage and resolve highu2011volume alerts (700+ annually), ensuring accurate classification of malicious, benign, or contained activity. + Detect and validate threat activityu2014including live Red Team engagementsu2014to strengthen defensive cyber operations. + Research emerging threats, adversary TTPs, and apply intelligence to improve SOC detection capabilities. + Tune detection logic to reduce false positives and identify emerging cyber behaviors. + Conduct continuous 24/7 network monitoring to identify intrusions across DoDu2011monitored environments. + Mentor junior analysts, refine SOPs, and support training as a qualified instructor for Cyber Defense Operator processes and tools. Nature of the Work (Core Responsibilities) + Review IDS/IPS alerts and conduct hostu2011based security monitoring in alignment with AFCERT Operating Instructions. + Analyze logs, traffic, and hostu2011based events to determine intrusion scope and required escalation. + Use SIEM and IDS platforms to correlate suspicious activity with networku2011level data and DoD intelligence resources (e.g., Big Data Platform). + Document all investigative activity using mission case management systems with a high level of accuracy. + Generate mission reports, shift handoffs, performance metrics, and operational summaries. + Support Air Force units with cybersecurity guidance related to vulnerability management and risk reduction. + Provide tailored analysis during contingency operations, named missions, and cyber defense exercises. + Execute scoped endpoint actions to identify compromised accounts, files, domains, processes, or registry artifacts. + Perform approved response actions to contain threats and disrupt malicious activity. + Analyze threat intelligence (IoCs, TTPs, vulnerabilities) mapped to the MITRE ATT&CK Framework. + Maintain situational awareness and communicate operational updates to the Mission Lead and Crew Commander. + Conduct periodic security checks of the facility and initiate emergency protocols as needed. + Participate in mission planning, debriefs, detection tuning, and continuous process improvement. Required QualificationsClearance + Active TS/SCI clearance (mandatory for mission access) Experience + Experience in Cybersecurity, SOC operations, Incident Response, or Network Defense + Familiarity with: + Intrusion detection/IPS systems (DoD experience preferred) + SIEM tools and event analysis + Endpoint detection/forensics concepts + TCP/IP, DNS, OSI model, and common network protocols (FTP, SMTP, HTTP, etc.) + Strong analytical skills and ability to work in a fastu2011paced, 24/7 operations environment + Understanding of MITRE ATT&CK framework and how it applies to detection engineering Certifications (Not all required, but highly valued and make candidates especially competitive) + GCFA, GCIH, GCIA, Sec+, CYSA+, CEH, or other DoD 8570u2011approved certifications + Any digital forensics or incident response certification is a strong differentiator for this role Technical Skill Areas + IDS/IPS monitoring + SIEM log analysis + Endpoint detection tools + Incident triage and documentation + Threat intel interpretation (IoCs, TTPs, vulnerabilities) + Understanding of enterpriseu2011scale defensive cyber operations Job Type & Location This is a Contract position based out of San Antonio, TX. Pay and Benefits The pay range for this position is $40.00 - $55.00/hr. Eligibility requirements apply to some benefits and may depend on your job classification and length of employment. Benefits are subject to change and may be subject to specific elections, plan, or program terms. If eligible, the benefits available for this temporary role may include the following: u2022 Medical, dental & vision u2022 Critical Illness, Accident, and Hospital u2022 401(k) Retirement Plan u2013 Pre-tax and Roth post-tax contributions available u2022 Life Insurance (Voluntary Life & AD&D for the employee and dependents) u2022 Short and long-term disability u2022 Health Spending Account (HSA) u2022 Transportation benefits u2022 Employee Assistance Program u2022 Time Off/Leave (PTO, Vacation or Sick Leave) Workplace Type This is a fully onsite position in San Antonio,TX. Application Deadline This position is anticipated to close on Mar 9, 2026. h4>About TEKsystems: We're partners in transformation. We help clients activate ideas and solutions to take advantage of a new world of opportunity. We are a team of 80,000 strong, working with over 6,000 clients, including 80% of the Fortune 500, across North America, Europe and Asia. As an industry leader in Full-Stack Technology Services, Talent Services, and real-world application, we work with progressive leaders to drive change. That's the power of true partnership. TEKsystems is an Allegis Group company. The company is an equal opportunity employer and will consider all applications without regards to race, sex, age, color, religion, national origin, veteran status, disability, sexual orientation, gender identity, genetic information or any characteristic protected by law. About TEKsystems and TEKsystems Global Services Weu2019re a leading provider of business and technology services. We accelerate business transformation for our customers. Our expertise in strategy, design, execution and operations unlocks business value through a range of solutions. Weu2019re a team of 80,000 strong, working with over 6,000 customers, including 80% of the Fortune 500 across North America, Europe and Asia, who partner with us for our scale, full-stack capabilities and speed. Weu2019re strategic thinkers, hands-on collaborators, helping customers capitalize on change and master the momentum of technology. Weu2019re building tomorrow by delivering business outcomes and making positive impacts in our global communities. TEKsystems and TEKsystems Global Services are Allegis Group companies. Learn more at . The company is an equal opportunity employer and will consider all applications without regard to race, sex, age, color, religion, national origin, veteran status, disability, sexual orientation, gender identity, genetic information or any characteristic protected by law.

Created: 2026-02-25