Secret Mid-Level Cyber Threat Emulation Analyst

A client of Insight Global's is looking for a Secret Mid-Level Cyber Threat Emulation Analyst, to join their team! This position will play a key role in supporting the Missile Defense Agency (MDA).

Job Responsibilities:
- Perform proactive and reactive cybersecurity duties on customer networks to strengthen enterprise-wide security posture.
- Analyze assets, threats, and vulnerabilities to identify weaknesses and enhance network defenses; measure effectiveness of defense-in-depth architecture.
- Develop, review, and update Defensive Cyber Operations (DCO) procedures, processes, manuals, and related documentation.
- Generate vulnerability assessment reports, escalate findings, and support enterprise-wide incident response in compliance with DoD regulations; lead cyber events and investigations from start to finish.
- Execute Cyber Threat Emulation (CTE) actions using automated validation tools; create dashboards and reports detailing vulnerabilities, remediation steps, and security posture assessments.
- Draft and submit Cyber Tasking Orders (CTOs) to address issues identified during CTE engagements; implement Higher Headquarters Tasking Orders (HHQ) and Fragmentary Orders as directed.
- Mentor and train analysts at all levels; collaborate with Cyberspace Domain Awareness (CDA) to develop evaluation criteria and methodologies aligned with HHQ and industry best practices.

This position is onsite full-time in Colorado Springs, CO or Huntsville, Alabama the salary range for this role is between $120,000 - $132,000/yr depending on years and level of experience, education, and certifications. This role requires an Active Secret Clearance or higher. Typical benefits offered include flexible work schedules, educational reimbursement, retirement benefits (401K match), employee stock purchase plan, health benefits, tax saving options, disability benefits, life and accident insurance, voluntary benefits, paid time off and paid holidays, and parental leave.

We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal.com.To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/.

- DoD Secret Security Clearance (Top Secret Preferred)
- DoD 8570.01-M IAT Level II certification with Continuing Education (CE) - (CySA+, GICSP, GSEC, Security+ CE, SSCP)
- 6+ years of general work experience
- 4 years of experience directly related to:
○ Performing manual or automated penetration test in an enterprise environment
○ Practical experience with vulnerability assessment, cybersecurity frameworks, or conducting risk assessments
○ Experience performing the full life cycle of incident response and enterprise-level monitoring
- 1+ years of management or leadership experience in a team environment
- Currently hold, or obtain within 6 months of start date, a PenTest+ certification

- Bachelor’s degree, or higher, in Cybersecurity, Computer Science or related field
- Experience working with Cyber Threat Emulation tools, policies, and procedures
- Experience operating custom software on top of a Linux platform
- Experience with security analysis and solutions in a WAN/LAN environment to include Routers, Switches, Network Devices, and Operating Systems (e.g., Windows, and Linux)
- Experience with other Security Operations Centers (SOC)/DCO tools/applications, such as Firewalls, Intrusion Detection Systems / Intrusion Prevention Systems, Network Security Manager, Bluecoat, Barracuda, etc.
- Experience performing security compliance scans across a WAN (ACAS/Nessus preferred)
- Background in configuration, troubleshooting, and deployment of host-based security (ESS preferred)
- Experience mentoring and training personnel in an evolving, high-paced environment
- Familiarity with DoD Security Operations Centers (SOC) (aka CSSP) and DCO/Cybersecurity Service Provider (CSSP)-guiding security policies and procedures

Benefit packages for this role will start on the 31st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law.