Cybersecurity Analyst - Tier 2 (3rd shift)

Details

• Title: Cybersecurity Analyst – Tier 2 (3rd shift)
• Location: Martinsburg, WV; Austin, TX; or Hines, IL (onsite daily)
• Terms: Full‑time, 3rd shift Sunday‑Thursday
• Clearance: Public Trust

About

As a Cybersecurity Analyst – Tier 2, you will play a critical role in safeguarding the Department of Veterans Affairs (VA) digital assets and responding to potential cyber threats. Your primary focus will be supporting the Incident Response team in investigating and mitigating advanced and complex cyber incidents.

Responsibilities

• Perform real‑time monitoring and triage of security alerts in cybersecurity toolsets including SIEM and EDR.
• Determine accurately whether alerts are false positives or require further investigation and prioritization.
• Lead and actively participate in the investigation, analysis, and resolution of cybersecurity incidents; analyze attack patterns, determine root cause, and recommend remediation measures.
• Ensure accurate and detailed documentation of incident response activities, including analysis, actions taken, and lessons learned; collaborate with knowledge‑management teams to maintain up‑to‑date incident response playbooks.
• Collaborate effectively with cross‑functional teams (forensics, threat intelligence, IT, network administrators) and clearly communicate technical information and incident updates to management and stakeholders.
• Identify and act on opportunities for tuning alerts to improve incident response efficiency.
• Monitor performance of security analytics and automation processes, identifying areas for improvement and taking proactive measures to enhance efficacy.
• Leverage Security Orchestration, Automation, and Response (SOAR) platforms to streamline and automate incident response processes, including enrichment, containment, and remediation actions.
• Support mentoring and training of junior IR staff.
• Stay informed about the latest cybersecurity threats, trends, and best practices; actively participate in cybersecurity exercises, drills, and simulations to improve incident response capabilities.

Requirements

• Bachelor’s degree in computer science, cybersecurity, information technology, or a related field (or equivalent work experience).
• 3+ years of experience supporting incident response in an enterprise‑level Security Operations Center (SOC).
• Deep understanding of cybersecurity principles, incident response methodologies, and a proactive mindset for high‑pressure environments.
• Strong experience with security technologies, including SIEM, IDS/IPS, EDR, and network monitoring tools.
• Experience with enterprise ticketing systems such as ServiceNow.
• Excellent analytical and problem‑solving skills.
• Ability to work independently and in a team to identify errors, pinpoint root causes, and devise solutions with minimal oversight.
• Ability to learn and function in multiple capacities quickly.
• Strong verbal and written communication skills.
• Must currently have or be willing to obtain one of the following certifications (or equivalent):
  • EC‑Council’s Certified Incident Handler (E|CIH)
  • GIAC Certified Incident Handler (GCIH)
  • Incident Handling & Response Professional (IHRP)
  • Certified Computer Security Incident Handler (CSIH)
  • Certified Incident Handling Engineer (CIHE)
  • EC‑Council’s Certified Ethical Hacker

Benefits

• Traditional and HSA‑eligible medical insurance plans.
• 100% employer‑paid dental and vision insurance options.
• 100% employer‑sponsored STD, LTD, and life insurance.
• 5% 401(k) company matching.
• Flexible schedules and teleworking options.
• Paid holidays and PTO accrual plans.
• Paid parental leave.
• Professional development and career growth opportunities.
• Team and company‑wide events, recognition, and appreciation.