Cyber Defense Operator

San Antonio, TX - USA

Monthly Salary: Not Disclosed

Posted on: 13 hours ago

Vacancies: 1 Vacancy

Job Summary

Cyber Defense Operator

Location: San Antonio TX

Clearance: Active Top Secret with SCI Eligibility (Required)

Certification Required: Active CompTIA Security

Position Overview

The Cyber Defense Operator provides mission-critical support to the Air Force Cyber Emergency Response Team (AFCERT) by executing Defensive Cyberspace Operations (DCO) in defense of United States Air Force networks and supported Combatant Commands.

This role is essential to protecting Air Force information systems by identifying analyzing and mitigating cyber threats in near real-time. AFCERT operates in a high-tempo 24/7/365 environment with zero tolerance for error requiring exceptional attention to detail precision and responsiveness.

Mission Objectives

Cyber Defense Operators support AFCERT in delivering cyberspace defense capabilities that:

Protect and defend Air Force Networks (AFNet)
Detect analyze and respond to cyber threats and intrusions
Ensure mission assurance for Air Force and supported Combatant Commands
Execute network defense operations across NIPRNet and SIPRNet

Key Responsibilities

Defensive Cyberspace Operations (DCO)

Plan implement and execute AFCERT-directed defensive cyberspace operations including:

Continuous monitoring and analysis of network traffic alerts and events
Operation and analysis of Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS)
Detection and mitigation of malicious or anomalous activity
Incident response containment and remediation actions

Cyber Monitoring & Analysis

Perform near real-time monitoring of security events across Air Force systems
Review and analyze IDS/IPS alerts SIEM data and system logs
Correlate network activity with intelligence sources to identify threats
Conduct initial assessments of intrusions including scope impact and threat type

Incident Response & Threat Mitigation

Perform rapid alert triage and determine appropriate response actions
Isolate contain and mitigate cyber threats on Air Force networks
Execute approved response actions across systems endpoints and network components
Escalate incidents in accordance with established procedures

Event Documentation & Reporting

Accurately document incidents (who what where when and why)
Maintain case records in mission systems for follow-up and investigation
Generate Mission Reports (MISREPs) and deliver shift turnover briefings
Track and report performance metrics including incident volume and response effectiveness

Threat Intelligence & Analysis

Analyze threat intelligence and map adversary activity to frameworks such as MITRE ATT&CK
Provide feedback to improve detection accuracy and reduce false positives

Training & Continuous Improvement

Provide on-the-job training (OJT) to team members
Maintain continuity documentation and operational aids
Develop and refine tactics techniques and procedures (TTPs)
Recommend improvements to processes tools and systems

Mission Operations & Coordination

Support mission leads and crew commanders with execution and prioritization
Participate in mission planning briefings and debriefings
Maintain situational awareness and report anomalies impacting mission readiness

Facility & Security Support

Conduct periodic physical security checks of operational areas
Initiate emergency procedures when required
Report facility or operational anomalies to leadership

DCO Functional Area Support

Operators may support one or more of the following areas:

Network Detection & Monitoring
Incident Response & Forensics
Signature Management
Weapons & Tactics Development
Content Development
Training & Curriculum Development
Standards & Evaluations
Host-Based Detection
Operational Processes & PEX Management
Continuity of Operations (COOP)

Required Qualifications

Active Top Secret clearance with SCI eligibility
CompTIA Security certification
Experience in cyber defense network security or Security Operations Center (SOC) environments
Working knowledge of: IDS/IPS systems SIEM platforms network protocols and traffic analysis
Strong analytical problem-solving and decision-making skills
Ability to operate effectively in a high-tempo mission-critical environment

Preferred Qualifications

Familiarity with DoD cyber operations
Experience supporting Air Force network environments

Cyber Defense OperatorLocation: San Antonio TXClearance: Active Top Secret with SCI Eligibility (Required) Certification Required: Active CompTIA SecurityPosition OverviewThe Cyber Defense Operator provides mission-critical support to the Air Force Cyber Emergency Response Team (AFCERT) by executing...