Cyber Defense Operator

The Mission This is not a typical cybersecurity role. As a Cyber Defense Operator supporting the 33rd Network Warfare Squadron at Lackland AFB, you will serve as the first layer of cybersecurity defense for Air Force networks across the globe u2014 CONUS and OCONUS. This is mission-critical work protecting the USAF's most vital networks within 16th Air Force. If defending the nation's most important networks is what drives you, this is your opportunity. Required Qualifications + Active TS/SCI clearance + GCFA Certification + IAT Level 2 Certification + SOC experience u2014 incident response, network monitoring, and threat hunting + SIEM experience u2014 Splunk, DEVO, or ArcSight + Intermediate knowledge of IDS/IPS systems used by the DoD, Services, and Agencies (AF, Navy, Army, DC3, DISA) or Federal Government + Networking fundamentals u2014 IP addressing, DNS, TCP/UDP, FTP, SMTP, HTTP, and OSI model + Extensive knowledge of the MITRE ATT&CK framework and its application within the cybersecurity community Nice to Have + Cyber signature writing experience + Coding experience + Offensive or purple team experience Responsibilities + Review all IDS/IPS alerts per AFCERT Operating Instructions and checklists at the AOL, COOP, or Ops Floor + Conduct host security monitoring, alert review, and intrusion detection analysis for the AFIN-SOC mission + Monitor security sensors to analyze IDS and SIEM data, identify and correlate security events, and review logs to identify intrusions for remediation + Correlate suspicious events with network events and data stored within databases and external DoD resources, including the Big Data Platform (BDP) + Analyze traffic, logs, and events to determine the necessity for higher-level analysis and conduct initial assessments of intruder activity + Document who, what, where, why, and when for any identified suspicious activity in the case management system (CMS) + Conduct triage of suspicious activity alerts and logs to make fast and accurate triage decisions + Enter event data into mission support systems in accordance with AFIN SOC operational procedures + Escalate security incidents using established policies and procedures + Generate end-of-mission reports (MISREPs) and provide pass-on information for crew knowledge transfer + Provide computer security support to AF field units including 688 Cyber Wing Squadrons, Base Communications Squadrons, and Mission Defense Teams + Conduct 24x7x365 near real-time network security monitoring and intrusion detection analysis with no more than a 1% error rate + Develop, review, and maintain procedures related to the overall monitoring of hosts and systems + Create and document metrics for reporting and analysis to improve alert triage processes and mission execution + Provide OJT to other contractor employees, military, and civilian personnel and ensure continuity folders and working aids are kept current + Execute approved scoping and response actions against compromised endpoints u2014 accounts, registry configurations, files, processes, IP addresses, ports, and domains + Analyze threat intelligence (TIPPERs) including IoCs, TTPs, vulnerabilities, and actionable intelligence mapped to the MITRE ATT&CK framework + Comply with third-party MOU/MOA monitoring and reporting requirements + Participate in planning, briefing, and debriefing tasks as directed by the CDO Mission Lead or Crew Commander + Maintain currency on the latest industry trends and provide operational reports and assessments for TTP development + Provide monthly performance metrics including readiness, qualifications, events processed, CAT events, and incidents identified Why TEKsystems TEKsystems is one of the most recognized names in technology staffing and services, with a track record of connecting top talent to mission-critical work across the DoD and federal government. We invest in our people u2014 offering a competitive benefits package and a team that genuinely takes care of its own. Why the 33rd NWS The 33rd Network Warfare Squadron is one of the most highly visible and well-known cyber units in San Antonio. You will be working on the cutting edge of DoD cyber operations, supporting mission-critical environments that directly impact national security. This program is fully funded and in its 2nd option year with 3 years remaining before recompete u2014 that's stability you can count on. This team also believes in developing its people. Approximately 40% of contractors on this program have been promoted within their first year. Growth paths exist into roles including cyber signature writing, coding, and offensive/purple team operations u2014 with some positions reaching $135K. Onsite hands-on training is available through a 3-week program, so you'll have the support you need to hit the ground running. Why San Antonio San Antonio is Cyber City USA u2014 home to more DoD cybersecurity jobs than any other city in the country. Combined with one of the lowest costs of living in Texas, it's one of the best cities in the nation to build a long-term career in cyber. Experience Level Entry Level Job Type & Location This is a Contract position based out of san antonio, TX. Pay and Benefits The pay range for this position is $40.00 - $55.00/hr. Eligibility requirements apply to some benefits and may depend on your job classification and length of employment. Benefits are subject to change and may be subject to specific elections, plan, or program terms. If eligible, the benefits available for this temporary role may include the following: u2022 Medical, dental & vision u2022 Critical Illness, Accident, and Hospital u2022 401(k) Retirement Plan u2013 Pre-tax and Roth post-tax contributions available u2022 Life Insurance (Voluntary Life & AD&D for the employee and dependents) u2022 Short and long-term disability u2022 Health Spending Account (HSA) u2022 Transportation benefits u2022 Employee Assistance Program u2022 Time Off/Leave (PTO, Vacation or Sick Leave) Workplace Type This is a fully onsite position in san antonio,TX. Application Deadline This position is anticipated to close on Apr 14, 2026. h4>About TEKsystems: We're partners in transformation. We help clients activate ideas and solutions to take advantage of a new world of opportunity. We are a team of 80,000 strong, working with over 6,000 clients, including 80% of the Fortune 500, across North America, Europe and Asia. As an industry leader in Full-Stack Technology Services, Talent Services, and real-world application, we work with progressive leaders to drive change. That's the power of true partnership. TEKsystems is an Allegis Group company. The company is an equal opportunity employer and will consider all applications without regards to race, sex, age, color, religion, national origin, veteran status, disability, sexual orientation, gender identity, genetic information or any characteristic protected by law. About TEKsystems and TEKsystems Global Services Weu2019re a leading provider of business and technology services. We accelerate business transformation for our customers. Our expertise in strategy, design, execution and operations unlocks business value through a range of solutions. Weu2019re a team of 80,000 strong, working with over 6,000 customers, including 80% of the Fortune 500 across North America, Europe and Asia, who partner with us for our scale, full-stack capabilities and speed. Weu2019re strategic thinkers, hands-on collaborators, helping customers capitalize on change and master the momentum of technology. Weu2019re building tomorrow by delivering business outcomes and making positive impacts in our global communities. TEKsystems and TEKsystems Global Services are Allegis Group companies. Learn more at . The company is an equal opportunity employer and will consider all applications without regard to race, sex, age, color, religion, national origin, veteran status, disability, sexual orientation, gender identity, genetic information or any characteristic protected by law.

Created: 2026-04-02