SITEC - Cybersecurity Analyst - MacDill AFB

Peraton requires Cybersecurity Analysts to support the Special Operation Command Information Technology Enterprise Contract (SITEC) – 3 EOM.  This position is located at MacDill AFB in Florida.

The purpose of the Special Operations Forces Information Technology Enterprise Contract (SITEC) 3 Enterprise Operations and Maintenance (EOM) Task Order (TO) is to provide USSOCOM, its Component Commands, its Theater Special Operations Commands (TSOCs), and its deployed forces with Operations and Maintenance (O&M) services to maintain Network Operations (NetOps); maintain systems and network infrastructure; provide end user and common device support; provide configuration, change, license, and asset management; conduct training, and perform Install, Move, Add, Change (IMACs) services. The responsibilities and tasks associated with each requirement play a pivotal role to USSOCOM, the CIO/J6 organization, and ultimately the end-user who operate around the globe 24x7x365. 

This position offers an opportunity for experienced cybersecurity professionals to take on advanced responsibilities in defending USSOCOM’s global operations. The Journeyman Cyber Security Analyst will play a pivotal role in enhancing SOC capabilities, mentoring junior team members, and ensuring the security and resilience of systems critical to USSOCOM’s mission success.

• Expertise in identifying and analyzing sophisticated threats using SIEM platforms, intrusion detection systems (IDS), and other advanced tools.
• Strategic ability to correlate data from multiple sources to uncover advanced persistent threats (APTs) and complex attack patterns.
• Proficiency in refining detection rules and alerts to enhance threat identification capabilities.
• Leadership in managing high-priority security incidents, including coordinating containment, eradication, and recovery strategies.
• Advanced skills in root cause analysis and delivering actionable recommendations for future mitigation.
• Ability to create detailed post-incident reports to inform organizational strategy and resilience.
• Ability to lead audits and assessments, providing recommendations to enhance compliance and streamline processes.
• Advanced skills in securing NetOps and systems/network infrastructure against evolving threats.
• Leadership in mentoring junior analysts, fostering their growth and technical expertise.
• Strategic collaboration with SOC team members, IT staff, and stakeholders to develop coordinated threat responses.
• Ability to contribute to cross-functional discussions and drive improvements in SOC operations.
• Continuous Improvement and Research:
• Commitment to staying informed on emerging threats, technologies, and best practices to enhance SOC capabilities.
• Strategic mindset to research and recommend tools, techniques, and strategies for improved operations.
• Ability to deliver training sessions to elevate team knowledge and preparedness.
• Operate within a 24/7 SOC environment, which may require shift work, including nights, weekends, and holidays.
• Handle sensitive and classified information in compliance with DoD and USSOCOM requirements.

Required Qualifications:

• Min 9 years with HS Diploma, 7 years AS/AA degree, 5 years with BS/BA degree, 3 years with MS/MA
• A DoD TS/SCI clearance is required
• IAT 2 and CSSP Analyst OR CSSP Incident Responder
• Strong understanding of cybersecurity concepts, including threat detection, malware analysis, and network security.
• Proficiency with one or more tools such as SIEM platforms, IDS/IPS, endpoint protection solutions, and forensic analysis tools.
• Advanced analytical and problem-solving skills with the ability to handle complex incidents and scenarios.
• Effective communication skills, including the ability to create detailed reports and brief stakeholders.
• Ability to work independently and lead initiatives in a fast-paced, team-oriented environment.

Desired Qualifications:

• Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or a related field (or equivalent experience).
• Advanced certifications such as CISSP, GIAC (e.g., GCIA, GCIH), or OSCP.
• Experience with scripting or automation tools (e.g., Python, PowerShell) and threat hunting techniques.
• Knowledge of advanced threat intelligence platforms and methodologies.