Cyber Analysis Lead

Edgewater Federal Solutions
United States, Virginia, Alexandria
Dec 12, 2025

Job Locations

US-VA-Alexandria




ID
2025-4227

Category
Information Technology

Type
Full Time



Overview

Edgewater Federal Solutions Sector is seeking a Cyber Analysis Lead for the Department of Defense (DoD). The successful candidate will be responsible for leading and directing a team of cyber analysts in the identification, analysis, and mitigation of cyber threats and vulnerabilities and the preparation of tailored mitigation recommendations focused on risk reduction. Develop and implement security monitoring strategies and procedures to improve the organization's overall security posture. Lead and mentor a team of cyber analysts, providing guidance on threat intelligence analysis and vulnerability assessments. Provide actionable risk-reduction recommendations to stakeholders based on threat intelligence and analysis findings, contributing to proactive security improvements.



Responsibilities

  • Lead a Team of Cyber Analysts: Oversee and direct the work of a team of cyber analysts in identifying, analyzing, and responding to cyber threats, vulnerabilities, and risks. Provide mentorship and guidance to team members, ensuring skill development and high-quality deliverables.
  • Threat Intelligence Analysis: Conduct threat analysis using data from various intelligence sources to identify potential cyber risks and ongoing attacks. Guide the team in collecting, correlating, and analyzing threat intelligence data to detect malicious activity.
  • Vulnerability Analysis and Mitigation: Perform detailed assessments of vulnerabilities in the organization's networks, systems, and applications. Develop tailored mitigation strategies and recommendations to address vulnerabilities and reduce overall cyber risk.
  • Develop Security Monitoring Strategies: Design and implement robust security monitoring procedures and strategies to proactively identify and mitigate emerging cyber threats. Optimize existing security monitoring tools and processes to enhance the organization's detection and response capabilities.
  • Provide Risk-Reduction Recommendations: Translate threat intelligence and analysis findings into actionable risk-reduction recommendations for stakeholders. Collaborate with stakeholders to implement long-term strategies for improved security posture and risk mitigation.
  • Incident Response Support: Lead or support the team in analyzing and responding to security incidents, leveraging threat data to investigate and contain breaches.
  • Develop and Maintain Documentation: Author and review team deliverables, such as reports, briefings, and dashboards, to communicate findings and recommendations effectively. Create and maintain detailed incident, threat intelligence, and vulnerability assessment documentation.
  • Collaboration with Stakeholders: Work closely with IT and security teams to coordinate threat intelligence sharing, enhance risk awareness, and implement security measures. Act as a key liaison between cyber analysts and organizational leadership to align security efforts with strategic priorities.
  • Continuous Analysis and Process Improvement: Assess and refine cybersecurity processes, tools, and methodologies to ensure efficiency and effectiveness. Stay updated on emerging cyber threats, attack techniques, and countermeasure technologies to inform strategic decisions.
  • Manage Tools and Resources: Oversee the configuration and optimization of network security tools (Assured Continuous Assessment Solution (ACAS), Trellix ePolicy Orchestrator (ePO), Microsoft Defender for Endpoint/Server (MDE/S), Splunk's SOAR, Splunk's Enterprise User Behavioral Analytics (EUBA), Palo Alto Networks (PAN) IPS modules on Firewall (FW) hardware, Tanium, Privilege Access Management (PAM), Fortify Software Security Center (SSC), Fortify Static Code Analyzer, PortSwigger Burp, Fortify WebInspect, Red Hat Advanced Cluster Security for Kubernetes, Sonatype Repository Firewall and SBOM Manager), including intrusion detection/prevention systems (IDS/IPS), SIEM platforms, and vulnerability scanners. Evaluate and recommend new tools and technologies to strengthen the organization's cyber defense capabilities.

Knowledge, Skills, and Abilities

  • Advanced Knowledge of Network Infrastructure: Deep understanding of network architectures, protocols (e.g., TCP/IP, DNS, HTTP/S), and technologies (e.g., routers, switches, firewalls) to analyze and secure complex environments.
  • Threat Intelligence and Analytics Expertise: Ability to collect, analyze, and contextualize threat intelligence from multiple sources to identify cyber risks and detect malicious activity.
  • Vulnerability Assessment and Mitigation Skills: Proficiency in identifying and assessing vulnerabilities in networks, systems, and applications and generating tailored remediation plans to reduce risk.
  • Incident Detection and Response Knowledge: Expertise in security incident detection, analysis, and containment, including root cause analysis, attack vector identification, and mitigation strategies.
  • Security Monitoring and Tool Proficiency: Advanced skills in configuring and leveraging security monitoring tools such as Intrusion Detection Systems (IDS), Security Information and Event Management (SIEM) platforms, and endpoint detection tools.
  • Leadership and Team Mentorship: Strong ability to lead and mentor a team of cyber analysts, providing guidance, fostering skill development, and ensuring high-quality work deliverables.
  • Risk Reduction Strategy Development: Proven capability to translate threat and vulnerability analysis into actionable recommendations to enhance organizational security posture and mitigate risks.
  • Effective Communication Skills: Ability to convey technical findings, risks, and mitigation strategies to non-technical stakeholders, leadership, and teams in both written and verbal formats.
  • Familiarity with Cybersecurity Frameworks and Standards: Knowledge of frameworks like NIST Cybersecurity Framework, MITRE ATT&CK, and other relevant standards to guide security practices and assessments.
  • Analytical Thinking and Problem-Solving: Strong analytical and critical thinking abilities to identify security gaps, uncover patterns in threat data, and propose innovative solutions to secure the network against evolving threats.


Qualifications

  • Bachelor's degree in a technical discipline or related field and/or 10 years' experience in progressively more complex roles in cybersecurity operations or analysis.
  • 7+ years of hands-on experience in cybersecurity, with a focus on network security, threat analysis, and incident response.
  • Specific experience in developing and implementing security monitoring strategies.
  • At least 3+ years of leadership or team management experience in a cybersecurity or network analyst role.
  • Strong understanding of network infrastructures, protocols, and security technologies, such as firewalls, IDS/IPS, and SIEM platforms.
  • Proficiency in conducting threat intelligence analysis and vulnerability assessments.
  • Practical experience with risk assessment and providing actionable recommendations for mitigation.
  • CompTIA Security+
  • Certified Information Systems Security Professional (CISSP)
  • Clearance Requirement: Top Secret

Desired Qualifications

  • Certified Ethical Hacker (CEH)
  • Master's degree in Cybersecurity, Information Assurance, or a related discipline.
  • Completion of additional cybersecurity training programs or specialized skill development.
  • Hands-on experience in configuring, managing, or optimizing cybersecurity tools to automate detection and response (e.g., Splunk, Palo Alto, etc.).
  • Prior experience working in federal or enterprise-level cybersecurity environments, particularly with exposure to frameworks like NIST, MITRE ATT&CK, or ISO standards.
  • Proficiency in scripting or automation tools (e.g., Python, PowerShell, Bash) for security monitoring and analysis tasks.
  • Certified Information Security Manager (CISM)
  • GIAC Certified Incident Handler (GCIH)
  • GIAC Certified Intrusion Analyst (GCIA)
  • AWS Certified Security - Specialty (or equivalent cloud-specific certifications) for experience securing cloud-based environments.
  • CompTIA CySA+ (Cybersecurity Analyst)
  • Project Management Professional (PMP)
  • Active Secret or Top Secret clearance

Physical Demands: The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

  • While performing the duties of this job, the employee is regularly required to talk or hear.
  • Possess the ability to fulfill any and all office activities normally expected in an office setting, to include, but not limited to remaining seated for periods of time to perform computer entry, participating in filing activity, lifting and carrying office supplies.
  • The employee must occasionally lift and/or move up to fifteen (15) pounds.
  • Fine hand manipulation (keyboarding).
  • Must have the ability to sit for long periods.
  • Ability to view computer monitor for long periods.

Working at Edgewater Federal Solutions:

Edgewater Federal Solutions is a privately held government contracting firm located in Frederick, MD. The company was founded in 2002 with the vision of being highly recognized and admired for supporting customer missions through employee empowerment, exceptional services, and timely delivery. Edgewater Federal Solutions is ISO 9001, 20000-1, 270001 certified, appraised at CMMI Level 3 Maturity for Development and Services, and has been named in the Top Workplaces in the Greater Washington Area Companies since 2018.

Edgewater Federal Solutions is an Equal Opportunity Employer. It has been and continues to be our policy to provide equal employment to all employees and applicants for employment without regard to race, color, religion, gender, national origin, age, disability, marital status, veteran status and/or other status protected by applicable law.
