Cyber Defense Analyst Jr Job Description

Position Summary

Essential Duties and Responsibilities

• Support cybersecurity monitoring and cyber defense operations within the SBA SOC environment.
• Assist with 24x7x365 cybersecurity operations support activities in accordance with SBA ECS Task Area 3.5.3 requirements.
• Monitor and analyze security alerts generated by SIEM EDR IDS/IPS firewall and endpoint security tools.
• Assist in the identification triage escalation and documentation of cybersecurity incidents and suspicious activities.
• Support incident response activities in accordance with SBA ECS Task Area 3.5.3.3 and NIST SP 800-61 incident response guidance.
• Review and analyze system logs security events and indicators of compromise.
• Document cybersecurity incidents operational findings and response actions within ticketing and case management systems.
• Assist senior analysts with malware analysis phishing investigations and threat analysis activities.
• Support containment and remediation efforts during cybersecurity incidents and operational events.
• Participate in threat monitoring and basic threat hunting activities across enterprise and cloud environments.
• Assist with vulnerability management coordination and remediation tracking activities.
• Maintain awareness of emerging cyber threats vulnerabilities and CISA advisories.
• Provide support for cloud security monitoring activities involving Microsoft 365 Azure AWS and hybrid environments.
• Participate in SOC shift turnover briefings operational meetings and incident coordination activities.
• Ensure accurate operational reporting and timely escalation of incidents based on severity and impact.
• Support cybersecurity compliance activities and adherence to federal security policies and procedures.
• Collaborate with Government personnel engineers administrators and senior cybersecurity staff to support mission objectives.

Minimum Qualifications

• Bachelors degree in Cybersecurity Information Technology Computer Science Information Assurance or related technical discipline. Relevant experience may substitute for degree requirements.
• Minimum of 3 years of experience supporting cybersecurity operations SOC analysis cyber defense or incident response activities.
• Experience with cybersecurity monitoring tools including SIEM EDR IDS/IPS and endpoint security solutions.
• Basic understanding of cybersecurity incident response processes cyber defense operations and threat analysis concepts.
• Experience reviewing security alerts event logs and system activity.
• Knowledge of federal cybersecurity standards and frameworks including NIST guidance.
• Understanding of cloud computing and cloud security concepts.
• Strong analytical communication and documentation skills.
• Ability to work in operational cybersecurity environments supporting rotating SOC shifts.

Preferred Certifications

• CompTIA Security
• CompTIA CySA
• GIAC Certified Incident Handler (GCIH)
• Certified Ethical Hacker (CEH)
• Splunk Core Certified User
• Microsoft Security Compliance and Identity Fundamentals
• AWS Certified Cloud Practitioner