Secret Cyber Threat Emulation Analyst (COS or HSV)

Insight Global
5 months ago
Colorado Springs, CO, United States
On-site
Full-time
Junior Level (1-3 years)

Job Description

Position Overview

A company with locations in Colorado Springs, CO and Huntsville, AL is seeking a Secret Cyber Threat Emulation Analyst to perform proactive and reactive cybersecurity duties on customer networks. In this role, you will lead cyber events and incident investigations—from data gathering and analysis to reporting—and work closely with stakeholders in **Defensive Cyber Operations (DCO)**. Compensation: $55-63/hr depending on years and level of experience, education, and certifications. This role is onsite full-time at Schriever SFB or Redstone Arsenal and requires an Active Secret Clearance or higher.

Key Responsibilities

  • Collaborate with the Cyberspace Domain Awareness (CDA) to develop evaluation criteria and methodologies while performing DCO/CSSP duties.
  • Analyze correlated asset, threat, and vulnerability data against known adversary exploits and techniques to determine impact and improve network defense.
  • Support the development, review, and update of DCO procedures, processes, manuals, and related documentation.
  • Measure the effectiveness of defense-in-depth architecture against known vulnerabilities.
  • Generate vulnerability assessment reports for customers and create custom dashboards with recommendations for remediation.
  • Execute Cyber Threat Emulation (CTE) actions within approved network zones, simulating adversary tactics, techniques, and procedures (TTPs).

Required Qualifications

  • 4-6+ years of general (full-time) work experience.
  • 2-4+ years of combined experience in manual or automated penetration testing in an enterprise environment.
  • Practical experience with vulnerability assessment, cybersecurity frameworks, or risk assessments.
  • Experience performing the full life cycle of incident response and enterprise-level monitoring.
  • 1+ year of management or leadership experience in a team environment.
  • Current DoD 8570.01-M IAT Level II certification with Continuing Education (e.g., CySA+, GICSP, GSEC, Security+ CE, SSCP).
  • Must obtain a PenTest+ certification within 6 months of start date.
  • Active DoD Secret Security Clearance, or higher.

Preferred Qualifications

  • Bachelor’s degree or higher in Cybersecurity, Computer Science, or a related field.
  • Experience with Cyber Threat Emulation tools, policies, and procedures.
  • Experience operating custom software on a Linux platform.
  • Experience with security analysis and solutions in WAN/LAN environments, including Routers, Switches, and Network Devices, across Windows and Linux.
  • Familiarity with Security Operations Centers (SOC)/DCO tools such as Firewalls, IDS/IPS, and related applications.
  • Experience performing security compliance scans (ACAS/Nessus preferred).
  • Background in configuration, troubleshooting, and deployment of host-based security (ESS preferred).
  • Ability to mentor and train personnel in a fast-paced, evolving environment.
  • Familiarity with DoD Security Operations Centers (SOC) and CSSP-guided security policies.
  • Active DoD Top Secret clearance.

Benefits & Perks

  • Benefit packages start on the 31st day of employment.
  • Medical, dental, and vision insurance.
  • HSA, FSA, and DCFSA account options.
  • 401k retirement account access with employer matching.
  • Paid sick leave and/or other paid time off as provided by applicable law.

Required Skills

DoD 8570.01-M IAT Level II certification
Incident response and enterprise-level monitoring
Experience with Linux and custom software operations
Manual and automated penetration testing
Cybersecurity frameworks and risk assessments
Knowledge of WAN/LAN security devices (e.g., routers, switches, firewalls)
Cyber Threat Emulation
Team leadership and mentoring
PenTest+ certification (or ability to obtain within 6 months)
Vulnerability assessment