Cyber Security Operations Incident Responder/Day- Shift Lead Analyst

{
  "content_hash": "9e1aa90e0bc68f135cb3ddd9fdff1ec05051d68da8613c31af1dbb0576585956",
  "source_hash": "0bc40980cd71d9115fce9259dece71db124511874a213fbfddc8ded7648b4e03",
  "last_changed_at": "2026-06-20T08:36:06.650Z",
  "active_status": "deleted"
}

{
  "language": "en",
  "location": {
    "raw": "Fort Belvoir, VA, US",
    "city": "Fort Belvoir",
    "region": "VA",
    "country": "United States",
    "is_remote": false,
    "confidence": 0.8
  },
  "salary_max": null,
  "salary_min": null,
  "inferred_at": "2026-06-18T08:34:20.923Z",
  "launch_scope": {
    "reason": "english_us_canada",
    "included": true,
    "language": "en",
    "location": {
      "raw": "Fort Belvoir, VA, US",
      "city": "Fort Belvoir",
      "region": "VA",
      "country": "United States",
      "is_remote": false,
      "confidence": 0.8
    },
    "countries": [
      "United States"
    ]
  },
  "remote_policy": null,
  "salary_period": "day",
  "workplace_type": null,
  "salary_currency": null
}

{}

{
  "json_ld": {
    "url": "https://careers-teksynap.icims.com/jobs/9362/cyber-security-operations-incident-responder-day--shift-lead-analyst/job",
    "@type": "JobPosting",
    "title": "Cyber Security Operations Incident Responder/Day- Shift Lead Analyst",
    "@context": "http://schema.org",
    "datePosted": "2024-06-18T08:34:11.398Z",
    "description": "<h2>Responsibilities & Qualifications</h2>\n<p><strong><u> </u></strong></p>\n<p><strong><u>RESPONSIBILITIES</u></strong></p>\n<ul>\n <li>Collect and analyze network and/or host artifacts from a variety of sources to include logs, system images and packet captures to characterize activity, determine root cause, operational impact, and to enable rapid remediation and/or mitigation of cyber threats within the Enterprise Network through the investigation process.</li>\n <li>Perform cyber incident triage; to include determining scope, urgency, and potential impact; identifying the specific vulnerability; and making recommendations that enable expeditious remediation.</li>\n <li>Must have working knowledge of the CJCSM 6510.01B  (Cyber Incident Handling Program)</li>\n <li>Must be proficient with Splunk SIEM or similar tools.</li>\n <li>Provide expert technical support and perform real-time cyber defense incident handling (e.g., forensic collections, intrusion correlation and tracking, threat analysis, and direct system remediation) tasks to support subordinate organizations and system owners.</li>\n <li>Manage and document cyber defense incidents from initial detection through final resolution methods.</li>\n <li>Provide technical guidance to Tier I analysts and QA alert closures for the shift.</li>\n <li>Maintain an average of at least two new detection use cases per month during each year of contract execution. Detection use cases shall be based on current threats, the MITRE ATT&CK framework, or Government direction.</li>\n <li>Maintain metadata for all detection use cases to include use case, owner, number of false positives identified, number of true positives identified, and average time to execute (based on incident detection monitoring analyst feedback).</li>\n <li>Analyze all completed incident records and make improvements to related detection use cases.</li>\n <li>Collect and analyze network and/or host artifacts from a variety of sources to include logs, system images and packet captures to characterize activity, determine root cause, operational impact, and to enable rapid remediation and/or mitigation of cyber threats within the Enterprise Network through the investigation process.</li>\n <li>Make recommendations to correlation rules, filters, signatures, or plays to enhance overall effectiveness by lowering false/benign-positive rates. Track and validate refinement requests and provide metrics for these activities monthly.</li>\n <li>Assist with developing methods for automating the execution of incident detection use cases that result in false-positive rates below 10%. Provide monthly reports on new automation actions and their results.</li>\n <li>At the direction and under the supervision of Government personnel, validate the effectiveness of any plays created by emulating adversary tactics to trigger the necessary alerts (blue team).</li>\n <li>Demonstrate effectiveness by creating detection use cases that successfully detect Red Team (penetration testing) activity.</li>\n <li>Utilize the MITRE ATT&CK matrix and other threat frameworks to develop detection use cases. Continually refine these processes with the goal of automating their execution.</li>\n <li>Provide subject matter expertise in creation, editing, and management of signatures, rules and filters for specialized network defense systems including but not limited to network and ESS IDS, IPS, firewall, web application firewall, proxy and SIEM systems.</li>\n <li>Perform duties as the alternate of the D&R technical lead when needed and effectively disseminate taskings among the team under the guidance of the technical lead.</li>\n</ul>\n<p><strong><u>REQUIRED QUALIFICATIONS</u></strong></p>\n<ul>\n <li>BS 5-7 Years, MS 3-5, PhD 0-2</li>\n <li>Experience with cyber security architecture principles that achieve cybersecurity framework goals</li>\n <li>Minimum of a Top-Secret Clearance with SCI eligibility</li>\n <li>DOD 8570 IAT II and CSSP Analyst Certifications (DoD 8140)</li>\n</ul>\n<h2>Overview</h2>\n<p>We are seeking a Cyber Security Operations Incident Responder/Day- Shift Lead Analyst to support our Prime Contract with the Defense Threat Reduction Agency at Fort Belvoir. This position requires an active Top-Secret Clearance and a DOD IAT level II and CSSP Analyst Support certification is required.</p>\n<p> </p>\n<p>TekSynap is a fast growing high-tech company that understands both the pace of technology today and the need to have a comprehensive well planned information management environment. “Technology moving at the speed of thought” embodies these principles – the need to nimbly utilize the best that information technology offers to meet the business needs of our Federal Government customers.</p>\n<p> </p>\n<p>We offer our full-time employees a competitive benefits package to include health, dental, vision, 401K, life insurance, short-term and long-term disability plans, vacation time and holidays. </p>\n<p>Visit us at www.TekSynap.com. </p>\n<p>Apply now to explore jobs with us! </p>\n<p>The safety and health of our employees is of the utmost importance. Employees are required to comply with any vaccination requirements mandated by contract, applicable law or regulation. </p>\n<p> </p>\n<p>By applying to a role at TekSynap you are providing consent to receive text messages regarding your interview and employment status.  If at any time you would like to opt out of text messaging, respond \"STOP\".</p>\n<p> </p>\n<p>As part of the application process, you agree that TekSynap Corporation may retain and use your name, e-mail, and contact information for purposes related to employment consideration </p>\n<h2>Additional Job Information</h2>\n<p> </p>\n<p><strong><u>WORK ENVIRONMENT AND PHYSICAL DEMANDS</u></strong></p>\n<p>The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of the job. Reasonable accommodation may be made to enable individuals with disabilities to perform the essential functions. </p>\n<ul>\n <li>Location: Fort Belvoir, VA</li>\n <li>Type of environment: Office</li>\n <li>Noise level: Medium</li>\n <li>Work schedule: 0600 – 1400 Sunday - Thursday. May be requested to work evenings and weekends to meet program and contract needs. </li>\n <li>Amount of Travel: 1-2 weeks/annually (rare deployment occasions and training attendance)</li>\n</ul>\n<p><strong><u>PHYSICAL DEMANDS</u></strong></p>\n<p>The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.</p>\n<p>While performing the duties of this job, the employee is regularly required to use hands to handle, feel, touch; reach with hands and arms; talk and hear. The employee is regularly required to stand; walk; sit; climb or balance; and stoop, kneel, crouch, or crawl. The employee is regularly required to lift up to 10 pounds. The employee is frequently required to lift up to 25 pounds; and up to 50 pounds. The vision requirements include close vision, distance vision, peripheral vision, depth perception, and ability to adjust focus.</p>\n<p> </p>\n<p><strong><u>WORK AUTHORIZATION/SECURITY CLEARANCE</u></strong></p>\n<ul>\n <li>Citizenship: US Citizen</li>\n <li>Maintain an active Top-Secret with SCI eligibility clearance</li>\n</ul>\n<p><strong><u>OTHER DUTIES</u></strong></p>\n<p>Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities and activities may change at any time with or without notice.</p>\n<p> </p>\n<p>TekSynap is a drug-free workplace. We reserve the right to conduct drug testing in accordance with federal, state, and local laws. All employees and candidates may be subject to drug screening if deemed necessary to ensure a safe and compliant working environment.</p>\n<p> </p>\n<p><strong><u>EQUAL EMPLOYMENT OPPORTUNITY</u></strong></p>\n<p>In order to provide equal employment and advancement opportunities to all individuals, employment decisions will be based on merit, qualifications, and abilities. TekSynap does not discriminate against any person because of race, color, creed, religion, sex, national origin, disability, age, genetic information or any other characteristic protected by law (referred to as “protected status”). This nondiscrimination policy extends to all terms, conditions, and privileges of employment as well as the use of all company facilities, participation in all company-sponsored activities, and all employment actions such as promotions, compensation, benefits, and termination of employment.</p>\n<p>.</p>",
    "directApply": true,
    "jobLocation": [
      {
        "@type": "Place",
        "address": {
          "@type": "PostalAddress",
          "postalCode": "UNAVAILABLE",
          "addressRegion": "VA",
          "streetAddress": "UNAVAILABLE",
          "addressCountry": "US",
          "addressLocality": "Fort Belvoir",
          "postOfficeBoxNumber": "UNAVAILABLE"
        }
      }
    ],
    "validThrough": "2027-06-18T08:34:11.398Z",
    "employmentType": "FULL_TIME",
    "hiringOrganization": {
      "name": "TekSynap",
      "@type": "Organization",
      "sameAs": "https://www.teksynap.com/"
    },
    "occupationalCategory": "Cybersecurity"
  },
  "detail_meta": {
    "url": "https://careers-teksynap.icims.com/jobs/9362/cyber-security-operations-incident-responder-day--shift-lead-analyst/job?in_iframe=1",
    "http_status": 200,
    "content_type": "text/html;charset=UTF-8",
    "response_bytes": 53390,
    "compact_response_bytes": 10120,
    "original_response_bytes": 53390
  },
  "sitemap_job": {
    "id": "9362",
    "url": "https://careers-teksynap.icims.com/jobs/9362/cyber-security-operations-incident-responder-day--shift-lead-analyst/job",
    "slug": "cyber-security-operations-incident-responder-day--shift-lead-analyst",
    "lastmod": "2026-06-16T15:55:47-04:00"
  },
  "detail_errors": []
}