Cyber Defense Analyst 3 (CDA3)

RealmOne was built on the principle that people matter first and foremost. We believe in providing a strong work/life balance by investing in our employees and encouraging professional and personal growth. We do this by offering exceptional benefits, flexible schedules, and the tools necessary to achieve success through paid training, mentoring, and the opportunity to work alongside top-notch industry professionals.

Join us on this journey as we execute this mission-critical contract providing high-end analytics and data science services within the REALM of cybersecurity.

Your effort and expertise are crucial to the success and execution of this impactful mission that is critical in ensuring mission success through Security Engineering, Risk Management and Assessment, and Insider Threat Analysis, by improving, protecting, and defending our Nation's Security.

Job Description:

The Cyber Defense Analyst 3 - HUNT serves as a senior member of the Security Operations Center (SOC), leading proactive threat hunting activities to identify, analyze, and mitigate advanced cyber threats across enterprise environments. This role requires deep technical expertise, strong analytical capabilities, and the ability to guide junior analysts while enhancing the organization's detection and response posture.

The Cyber Defense Analyst 3 shall possess the following capabilities:

• Lead proactive threat hunting operations using hypothesis-driven and intelligence-driven methodologies across network, endpoint, and cloud environments.
• Analyze large datasets (e.g., SIEM, EDR, NetFlow, logs) to identify anomalous behavior, indicators of compromise (IOCs), and adversary tactics, techniques, and procedures (TTPs).
• Develop and refine detection use cases, signatures, and analytic rules to improve SOC visibility and reduce dwell time.
• Conduct deep-dive investigations into complex security incidents and provide expert-level incident response support.
• Leverage frameworks such as MITRE ATT&CK to map adversary behavior and improve threat detection coverage.
• Collaborate with threat intelligence teams to operationalize intelligence into actionable hunt missions.
• Document hunt findings, incident reports, and recommendations for leadership and stakeholders.
• Continuously evaluate and integrate new tools, technologies, and methodologies to improve threat detection and response.
  

Qualifications:

• Eight (8) years Cyber Defense Analyst experience.
• Two (2) years TCP/IP fundamentals experience.
• Two (2) years Wireshark or tcpdump experience.
• Three (3) years SIEM experience (Splunk, ArcSight, Kibana, LogRhythm).
• Three (3) years network analysis and threat analysis experience.
• Experience conducting advanced threat hunting operations.
• Experience analyzing adversary activity and intrusion methods.
• 8x5 schedule.

Certifications Required:

• DoD 8570 compliance with CSSP Analyst baseline certification
• Information Assurance Technical (IAT) Level I or Level II certification
• Computing Environment (CE) certification. The CE certification requirements can be fulfilled with either Microsoft OS, Cent OS/Red Hat OS CE
  certifications.
• Global Information Assurances Certification (GIAC) Certified Incident Handler (GCIH) certificate or Certified Intrusion Analyst (GCIA) certificate.
• Splunk software training course "Fundamentals 1"

Position requires active Security Clearance with appropriate Polygraph

Pay Range: 197,000-227,000

The RealmOne pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Our approach to crafting offers considers various factors to establish an equitable and competitive compensation package. These considerations include, but are not limited to, the extent and intricacy of the role's responsibilities, the candidate's educational background, their work experience, and the specific competencies crucial for success in the role.

RealmOne Benefits:

• Healthcare Coverage + Insurance: Medical: Three (3) rich healthcare options through CareFirst with 100% or majority company-paid premiums. Tax-advantaged health savings account available with generous employer contribution. Dental + Vision: 100% employer-paid for employees and family with buy-up option available.
• Retirement + Savings: 401K - 10% TOTAL CONTRIBUTION - 5% safe harbor - 5% annual profit share. Immediate vested, no match required!
• Paid Time Off + More: 4 weeks starting PTO - 11 federal holidays + 2 floating holidays - Paid hours for company-required training.
• Career Growth + Development: Access to FREE 24/7 learning via Udemy - Opportunities to participate in tech councils, industry initiatives, etc. - $7,500 annual Educational & Professional Development Assistance.
• MORE BENEFITS...FOR EVERY LIFESTYLE! - Paid parental leave - Adoption assistance - Annual swag drops - Flexible work schedules - -Generous referral bonus program - Employee appreciation + family-friendly corporate events ...and much more.

ABOUT US

• RealmOne is a mid-sized science and technology company dedicated to solving our customers' toughest mission challenges.
• Headquartered in Columbia, MD., RealmOne supplies advanced cybersecurity, data science and software engineering services and products to customers in the Government and commercial sectors.
• RealmOne delivers encompassing mission assurance and critical systems support to government customers across various U.S. locations to include Colorado, Georgia, Hawaii, Texas, Utah, and Virginia.
• RealmOne has earned numerous awards, including being named a Top Workplace by the Baltimore Sun. With more than 30+ active contracts, 12 of which are prime, RealmOne stands as a premier innovator supporting the Government and Department of Defense, with team members located nationwide.

Disclaimer: Benefits packages offered by RealmOne are subject to variation and may differ based on work location, clearance level, and other eligibility criteria. Specific eligibility, availability, and scope of benefits are not guaranteed, may differ from those generally described, and remain subject to modification at the sole discretion of the company.