Cyber Defense Analyst – Jr Job Description

Position Summary

Essential Duties and Responsibilities

• Support cybersecurity monitoring and cyber defense operations within the SBA SOC environment.
• Assist with 24x7x365 cybersecurity operations support activities in accordance with SBA ECS Task Area 3.5.3 requirements.
• Monitor and analyze security alerts generated by SIEM, EDR, IDS/IPS, firewall, and endpoint security tools.
• Assist in the identification, triage, escalation, and documentation of cybersecurity incidents and suspicious activities.
• Support incident response activities in accordance with SBA ECS Task Area 3.5.3.3 and NIST SP 800-61 incident response guidance.
• Review and analyze system logs, security events, and indicators of compromise.
• Document cybersecurity incidents, operational findings, and response actions within ticketing and case management systems.
• Assist senior analysts with malware analysis, phishing investigations, and threat analysis activities.
• Support containment and remediation efforts during cybersecurity incidents and operational events.
• Participate in threat monitoring and basic threat hunting activities across enterprise and cloud environments.
• Assist with vulnerability management coordination and remediation tracking activities.
• Maintain awareness of emerging cyber threats, vulnerabilities, and CISA advisories.
• Provide support for cloud security monitoring activities involving Microsoft 365, Azure, AWS, and hybrid environments.
• Participate in SOC shift turnover briefings, operational meetings, and incident coordination activities.
• Ensure accurate operational reporting and timely escalation of incidents based on severity and impact.
• Support cybersecurity compliance activities and adherence to federal security policies and procedures.
• Collaborate with Government personnel, engineers, administrators, and senior cybersecurity staff to support mission objectives.

Minimum Qualifications

• Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, Information Assurance, or related technical discipline. Relevant experience may substitute for degree requirements.
• Minimum of 3 years of experience supporting cybersecurity operations, SOC analysis, cyber defense, or incident response activities.
• Experience with cybersecurity monitoring tools including SIEM, EDR, IDS/IPS, and endpoint security solutions.
• Basic understanding of cybersecurity incident response processes, cyber defense operations, and threat analysis concepts.
• Experience reviewing security alerts, event logs, and system activity.
• Knowledge of federal cybersecurity standards and frameworks including NIST guidance.
• Understanding of cloud computing and cloud security concepts.
• Strong analytical, communication, and documentation skills.
• Ability to work in operational cybersecurity environments supporting rotating SOC shifts.

Preferred Certifications

• CompTIA Security+
• CompTIA CySA+
• GIAC Certified Incident Handler (GCIH)
• Certified Ethical Hacker (CEH)
• Splunk Core Certified User
• Microsoft Security, Compliance, and Identity Fundamentals
• AWS Certified Cloud Practitioner