New 
Cyber Defense Operator
 TEKsystems | |
$40.00 - $55.00 / hr
| |
life insurance, sick time, 401(k), retirement plan
| |
 United States, Texas, San Antonio | |
 Feb 24, 2026 | |
|
*Cyber Defense Operations Analyst*
*Location:* Onsite at Lackland, AFB *Clearance Required:* Active TS/SCI *Experience Level:* Junior Level (with relevant technical experience) *About the Opportunity* TEKsystems is supporting a highvisibility Cyber Defense Operations (CDO) mission responsible for defending one of the largest and most complex networks in the Department of Defense. Analysts provide 24/7 realtime monitoring, detection, and response against advanced cyber threats, working within a highly collaborative, missioncritical environment. This role is ideal for professionals passionate about handson security operations, intrusion detection, threat analysis, and incident triage-especially those with SOC experience and advanced digital forensics knowledge. *What You'll Work On* * Investigate endpoint security alerts using tools such as *Tanium* and *Microsoft Defender for Endpoint*. * Analyze security events using *SIEM*, *EDR*, *IDS*, and malware analysis platforms to triage and complete cyber investigations. * Triage and resolve highvolume alerts (700+ annually), ensuring accurate classification of malicious, benign, or contained activity. * Detect and validate threat activity-including live Red Team engagements-to strengthen defensive cyber operations. * Research emerging threats, adversary TTPs, and apply intelligence to improve SOC detection capabilities. * Tune detection logic to reduce false positives and identify emerging cyber behaviors. * Conduct continuous 24/7 network monitoring to identify intrusions across DoDmonitored environments. * Mentor junior analysts, refine SOPs, and support training as a qualified instructor for Cyber Defense Operator processes and tools. *Nature of the Work (Core Responsibilities)* * Review IDS/IPS alerts and conduct hostbased security monitoring in alignment with AFCERT Operating Instructions. * Analyze logs, traffic, and hostbased events to determine intrusion scope and required escalation. * Use SIEM and IDS platforms to correlate suspicious activity with networklevel data and DoD intelligence resources (e.g., Big Data Platform). * Document all investigative activity using mission case management systems with a high level of accuracy. * Generate mission reports, shift handoffs, performance metrics, and operational summaries. * Support Air Force units with cybersecurity guidance related to vulnerability management and risk reduction. * Provide tailored analysis during contingency operations, named missions, and cyber defense exercises. * Execute scoped endpoint actions to identify compromised accounts, files, domains, processes, or registry artifacts. * Perform approved response actions to contain threats and disrupt malicious activity. * Analyze threat intelligence (IoCs, TTPs, vulnerabilities) mapped to the *MITRE ATT&CK Framework*. * Maintain situational awareness and communicate operational updates to the Mission Lead and Crew Commander. * Conduct periodic security checks of the facility and initiate emergency protocols as needed. * Participate in mission planning, debriefs, detection tuning, and continuous process improvement. *Required Qualifications* *Clearance* * *Active TS/SCI clearance* (mandatory for mission access) *Experience* * Experience in *Cybersecurity*, *SOC operations*, *Incident Response*, or *Network Defense* * *Familiarity with:* * *Intrusion detection/IPS systems (DoD experience preferred)* * SIEM tools and event analysis * Endpoint detection/forensics concepts * TCP/IP, DNS, OSI model, and common network protocols (FTP, SMTP, HTTP, etc.) * Strong analytical skills and ability to work in a fastpaced, 24/7 operations environment * Understanding of *MITRE ATT&CK* framework and how it applies to detection engineering *Certifications* (Not all required, but *highly valued* and make candidates especially competitive) * *GCFA*, *GCIH*, *GCIA*, *Sec+*, *CYSA+*, *CEH*, or other DoD 8570approved certifications * Any digital forensics or incident response certification is a strong differentiator for this role *Technical Skill Areas* * IDS/IPS monitoring * SIEM log analysis * Endpoint detection tools * Incident triage and documentation * Threat intel interpretation (IoCs, TTPs, vulnerabilities) * Understanding of enterprisescale defensive cyber operations *Job Type & Location* This is a Contract position based out of San Antonio, TX. *Pay and Benefits*The pay range for this position is $40.00 - $55.00/hr. Eligibility requirements apply to some benefits and may depend on your job classification and length of employment. Benefits are subject to change and may be subject to specific elections, plan, or program terms. If eligible, the benefits available for this temporary role may include the following: * Medical, dental & vision * Critical Illness, Accident, and Hospital * 401(k) Retirement Plan - Pre-tax and Roth post-tax contributions available * Life Insurance (Voluntary Life & AD&D for the employee and dependents) * Short and long-term disability * Health Spending Account (HSA) * Transportation benefits * Employee Assistance Program * Time Off/Leave (PTO, Vacation or Sick Leave) *Workplace Type*This is a fully onsite position in San Antonio,TX. *Application Deadline*This position is anticipated to close on Mar 9, 2026. h4>About TEKsystems: We're partners in transformation. We help clients activate ideas and solutions to take advantage of a new world of opportunity. We are a team of 80,000 strong, working with over 6,000 clients, including 80% of the Fortune 500, across North America, Europe and Asia. As an industry leader in Full-Stack Technology Services, Talent Services, and real-world application, we work with progressive leaders to drive change. That's the power of true partnership. TEKsystems is an Allegis Group company. The company is an equal opportunity employer and will consider all applications without regards to race, sex, age, color, religion, national origin, veteran status, disability, sexual orientation, gender identity, genetic information or any characteristic protected by law. About TEKsystems and TEKsystems Global Services We're a leading provider of business and technology services. We accelerate business transformation for our customers. Our expertise in strategy, design, execution and operations unlocks business value through a range of solutions. We're a team of 80,000 strong, working with over 6,000 customers, including 80% of the Fortune 500 across North America, Europe and Asia, who partner with us for our scale, full-stack capabilities and speed. We're strategic thinkers, hands-on collaborators, helping customers capitalize on change and master the momentum of technology. We're building tomorrow by delivering business outcomes and making positive impacts in our global communities. TEKsystems and TEKsystems Global Services are Allegis Group companies. Learn more at TEKsystems.com. The company is an equal opportunity employer and will consider all applications without regard to race, sex, age, color, religion, national origin, veteran status, disability, sexual orientation, gender identity, genetic information or any characteristic protected by law. | |