Cybersecurity Analyst Tier 2; On-Site

The following states/districts are excluded from this job ad: AK, CA, CO, CT, DC, HI, LA, MA, MN, MO, NE, NV, NH, NJ, NM, NY, ND, OR, PR, RI, VT, WA, WY

Future Need
- Actively Interviewing

Hines Information Technology Center (ITC) Building 215, 1st Avenue, North of 22nd Street, Hines, Illinois 60141

Are you ready to defend critical systems against today's most advanced cyber threats? We are seeking a Cybersecurity Analyst
- Tier 2 to monitor alerts, investigate incidents, and ensure swift, effective responses to protect data and systems.

The Cybersecurity Analyst
- Tier 2 safeguards the Department of Veterans Affairs (VA) digital assets and responds to, investigates, and mitigates potential cyber threats.

• Performs real-time monitoring and triage of security alerts in Cybersecurity toolsets including SIEM and EDR
• Makes accurate determination of what alerts are false positives or require further investigation and prioritization
• Leads and actively participates in the investigation, analysis, and resolution of cybersecurity incidents
• Analyzes attack patterns, determines the root cause, and recommends appropriate remediation measures to prevent future occurrences
• Ensures accurate and detailed documentation of incident response activities, including analysis, actions taken, and lessons learned
• Collaborates with knowledge management teams to maintain up-to-date incident response playbooks
• Collaborates effectively with cross‑functional teams, including forensics, threat intelligence, IT, and network administrators
• Communicates clear technical information and incident‑related updates to management and stakeholders
• Identifies and action opportunities for tuning alerts to make the incident response team more efficient
• Monitors the performance of security analytics and automation processes regularly, identifying areas for improvement and taking proactive measures to enhance their efficacy
• Leverages Security Orchestration, Automation, and Response (SOAR) platforms to streamline and automate incident response processes, including enrichment, containment, and remediation actions
• Supports the mentoring and training of more junior incident response staff
• Stays informed about the latest cybersecurity threats, trends, and best practices
• Participates in cybersecurity exercises, drills, and simulations to improve incident response capabilities

The annual projected pay range for this position is $93,538.00 - $ with consideration being given to various factors including but not limited to qualifications, experience, job responsibilities, and geographic location.

• Medical, dental, vision and prescription drug coverage for you and your family.
• Life Insurance, short‑term disability and long‑term disability paid for by the Company.
• Supplemental coverages including Accident, Critical Illness, and Hospital.
• Additional Life insurance coverage for you and your dependents.
• 401k plan with various options to select based on your retirement goals.

All qualified applicants will receive consideration for employment without regard to any status protected by applicable federal, state, or local law.

3 years of experience supporting incident response in an enterprise‑level Security Operations Center (SOC)

Bachelor's degree in computer science, cybersecurity, information technology or related field. Must have or be willing to obtain one of the following certifications: GIAC Certified Incident Handler, EC-Council's Certified Incident Handler (E|CIH), GIAC Certified Incident Handler (GCIH), Incident Handling & Response Professional (IHRP), Certified Computer Security Incident Handler (CSIH), Certified Incident Handling Engineer (CIHE), EC-Council's Certified Ethical Hacker.

• Above average understanding of cybersecurity principles and incident response methodologies
• Strong experience with security technologies (e.g., SIEM, IDS/IPS, EDR, network monitoring tools)
• Experience with enterprise ticketing systems (e.g., Service Now)
• Ability to work independently and in a team environment to identify errors, pinpoint root causes, and devise…