Senior Cybersecurity Analyst

Overview

The Space Dynamics Laboratory (SDL) is seeking a skilled Information Security Analyst with 10+ years of hands-on cybersecurity experience to join our dynamic security operations team. This role spans mid-level to senior responsibilities, focusing on threat detection, incident response, security tool management, and contributing to the enhancement of our overall security posture. The position involves a mix of high-level operational execution, independent analysis, and contributions to process improvements.

The ideal candidate brings practical experience in enterprise security environments, strong analytical skills, and a proactive approach to identifying and mitigating risks.

SDL delivers advanced multi-domain solutions to protect National security and enable scientific discovery. Our expertise in satellites, sensors and instruments, ground systems and data processing, and autonomous systems plays a critical role in missions supporting NASA and the Department of War. Join our team of engineers, scientists, technicians, and business professionals in our seventh decade of delivering mission success.

• Threat Prevention & Monitoring
• Monitors security alerts from SIEM, EDR, IDS/IPS, email filter, endpoint tools, and other platforms
• Performs triage, investigation, and escalation
• Develops, tunes, and maintains detection rules, signatures, queries, and behavioral analytics
• Conducts proactive threat hunting for IOCs to identify attacker TTPs
• Conducts deep threat analysis on software packages and applications
• Optimizes and maintains deception platforms

• Incident Response & Analysis
• Investigates security incidents from initial detection through containment, eradication, recovery, and lessons learned
• Documents incidents thoroughly, including root cause analysis, timelines, and recommendations
• Coordinates response activities with internal teams and, when needed, external partners

• Security Operations
• Operates and optimizes security tools
• Automate repetitive tasks and workflows using tools and/or scripting (Python, Power Shell, etc.)
• Supports vulnerability management processes: scanning, prioritization, remediation tracking, and validation
• Evaluates new security technologies and recommends improvements to existing tools and processes

• Threat Intelligence & Collaboration
• Consumes, automates, analyzes, and applies internal and external threat intelligence to enhance detections, hunting, and defenses
• Collaborates with IT, GRC, engineering, and other teams on security projects, risk assessments, and awareness efforts
• Participates in threat emulation, purple team exercises, or control testing to validate and strengthen defenses

• Process Improvement & Compliance
• Maintains, updates, and contributes to incident response playbooks, runbooks, and standard operating procedures
• Assists with NIST 800-171 compliance and regulatory requirements through evidence collection, control testing, and assessment support
• Identifies gaps in security processes and proposes enhancements to improve efficiency, detection accuracy, and decrease MTTD/MTTR

• Bachelor’s degree in Cybersecurity or a related field with 10+ years, or a Master’s degree with 8+ years, of professional experience in cybersecurity operations, threat detection, incident response, or related technical security roles
• Must possess CISSP or equivalent DoDD 8570 certification
• Proven experience with event triage and monitoring tools
• Proficient in log analysis, event correlation, and identifying IOCs
• Experience using Sandboxing and other threat and malware analysis tools
• Proven ability to lead and mentor junior-level analysts
• Understanding of NIST 800-171 and CMMC requirements or strong understanding of security and compliance concepts related to another framework (RMF, CSF)
• Willing to respond to incidents outside of regular business hours, as needed
• Excellent analytical, problem-solving, and communication skills
• Ability to work effectively both independently and collaboratively
• Ability to work well under pressure
• Currently possess the CMMC Certified Professional (CCP) certification or can obtain certification within 6 months of employment
• Must be a U.S. citizen with the ability to obtain and maintain a U.S. Government security clearance

• Strong understanding of networking architecture
• Knowledge of cloud security concepts, Dev Sec Ops  practices, or adversary emulation frameworks
• Prior experience mentoring team members or leading small cybersecurity projects
• Experience in enterprise environments, cloud platforms such as Azure or AWS
• Proficiency in scripting/automation and query languages (SQL, SPL, FQL, KQL)

Salary Range: $117,000 - $175,000

This range serves as a general guideline and may vary based on factors such as role, level, location, market conditions, and individual qualifications, including job-related skills, experience, and relevant education or training. The range displayed in the job posting reflects the minimum and maximum…