SITEC - Cybersecurity Analyst; SR - MacDill AFB

Required Qualifications:

• Min 12 years with HS Diploma, 10 years AS/AA degree, 8 years with BS/BA degree, 6 years with MS/MA, 3 years with a PhD.
• A DoD TS/SCI clearance is required.
• DoD 8570 IAT II certifications AND CSSP Incident Responder OR CSSP Analyst.
• Deep expertise in cybersecurity concepts, including threat detection, malware analysis, network security, and threat intelligence.
• Extensive experience with one or more tools such as SIEM platforms, IDS/IPS, endpoint protection solutions, forensic analysis tools, and threat intelligence platforms.
• Proven ability to lead incident response efforts and handle complex, high-severity security incidents.
• Exceptional analytical and problem-solving skills with the ability to provide strategic recommendations.
• Effective communication skills, including the ability to deliver executive-level briefings and reports.
• Demonstrated leadership and mentorship capabilities in a fast-paced, team-oriented environment.
• Candidate must be willing to work the following work schedule:
  • This position has a 12 hour rotating shift work schedule totaling 80 hours for the two-week pay period.
  • Weekly Schedule is Sunday-Wednesday or Wednesday-Saturday and is composed of 3x12 hour shifts or 3x12 hour shifts and 1x 8 hour shift.
  • Work hours may flex or change to meet mission requirements, most likely on a 3 month rotation.

Desired

Qualifications:

• Bachelor’s or Master’s degree in Cybersecurity, Computer Science, Information Technology, or a related field (or equivalent experience).
• Advanced certifications such as CISSP, GIAC (e.g., GCIA, GCIH, GPEN), OSCP, or CISM.
• Experience with scripting, automation tools (e.g., Python, Power Shell), and advanced threat hunting techniques.
• Expertise in threat intelligence analysis, integration, and dissemination.

Peraton requires Cybersecurity Analysts to support the Special Operation Command Information Technology Enterprise Contract (SITEC) – 3 EOM. This position is located at Mac Dill AFB in Florida.

The purpose of the Special Operations Forces Information Technology Enterprise Contract (SITEC) 3 Enterprise Operations and Maintenance (EOM) Task Order (TO) is to provide USSOCOM, its Component Commands, its Theater Special Operations Commands (TSOCs), and its deployed forces with Operations and Maintenance (O&M) services to maintain Network Operations (Net Ops); maintain systems and network infrastructure; provide end user and common device support;

provide configuration, change, license, and asset management; conduct training, and perform Install, Move, Add, Change (IMACs) services. The responsibilities and tasks associated with each requirement play a pivotal role to USSOCOM, the CIO/J6 organization, and ultimately the end-user who operate around the globe 24x7x365.

• Expertise in overseeing and refining threat detection processes to proactively counter advanced persistent threats (APTs) and emerging risks.
• Leadership in integrating threat intelligence from internal and external sources to anticipate adversarial activities.
• Strategic ability to develop mitigation strategies against nation-state actors and other sophisticated threat groups targeting USSOCOM systems.
• Advanced leadership in managing high-severity security incidents, coordinating response efforts across SOC teams, J6 staff, and external stakeholders.
• Proficiency in creating and executing containment, eradication, and recovery plans to ensure minimal operational disruption.
• Ability to deliver executive-level briefings and post-incident reports with actionable insights and recommendations for process improvement.
• In-depth knowledge of DoD cybersecurity policies and USSOCOM standards to ensure SOC operations align with regulatory requirements.
• Leadership in audits and assessments, offering recommendations to improve policies and streamline compliance processes.
• Skilled in acting as a liaison between SOC operations and USSOCOM leadership to meet governance objectives.
• Leadership in mentoring junior and Journeyman analysts, fostering their technical growth and professional development.
• Ability to lead training sessions and knowledge-sharing initiatives to elevate SOC capabilities and team preparedness.
• Serve as an escalation point for complex technical issues, providing strategic direction and solutions to the SOC team.
• Strategic mindset to research and implement cutting-edge tools, methodologies, and automation to enhance SOC efficiency and capabilities.
• Leadership in driving orchestration initiatives to streamline threat detection, response, and reporting processes.
• Commitment to staying informed on emerging cybersecurity trends and adversarial tactics to ensure USSOCOM remains ahead of evolving threats.
• Operate within a 24/7 SOC environment, which may require shift work, including nights, weekends, and holidays.
• Handle sensitive and classified information in compliance with DoD and USSOCOM requirements.