
Cyber Defense Operator

2 months ago


San Antonio, United States Apex Systems Full time

Position Title: Cyber Defense Operator (CDO)

Client: Federal

Type of Position: 1 year contract to hire

Location: Lackland AFB in San Antonio, TX

Schedule: Need to be flexible for any assigned schedule within a 24/7/365 environment

Compensation: 100-125K annually


If interested and qualified, please reach out to the professional recruiter, Nicole, at nrosipal@apexsystems.com


Cyber Defense Operator (CDO – Requires Mission Ready Status)

The ability of the AFIN SOC to complete its mission is dependent upon accurate, timely, and thorough near real‐time network security monitoring and analysis of the Air Force network/systems DCO events. Cyber Defense Operator contractor employees shall provide mission hours (24/7/365 days a year) of operation per PWS paragraph 2.9.2 with zero tolerance for error.


  • Review all IDS/IPS alerts per AFIN SOC Operating Instruction (OI) and checklists at the AOL, COOP, or Ops Floor. Conduct host security monitoring, alert review, and intrusion detection analysis for the AFIN‐SOC mission.
  • Develop, review, and maintain procedures related to the overall monitoring of Hosts/Systems.
  • Comply with 3rd party MOU/MOA monitoring and reporting requirements. Analyze host DCO events to determine the necessity for higher level analysis and conduct an initial assessment of type and extent of intruder activities. (CDRL A002)
  • Monitor security sensors to analyze Intrusion Detection Systems (IDS) and Security Information and Event Management (SIEM) to identify and correlate security issues/events and review logs to identify intrusions for remediation. Correlate suspicious events with network events, if possible, and data stored within databases and other external DoD resources, including but not limited to Big Data Platform (BDP).
  • Analyze traffic/logs/events to determine the necessity for higher level analysis and conduct an initial assessment of type and extent of intruder activities.
  • Record who, what, where, why, and when for any identified suspicious activity in case management system (CMS) case to enable additional investigations. (CDRL A008)
  • Conduct triage of suspicious activity alerts and logs in order to make a fast and accurate triage decision. (CDRL A008)
  • Enter event data into mission support systems in accordance with AFIN SOC operational procedures and reports. (CDRL A008)
  • Provide monthly performance metrics including but not limited to readiness, qualifications, events processed, CAT events, and incidents identified. (CDRL A005)
  • Escalate security incidents using established policies and procedures.
  • Generate end of mission reports (MISREPS) and provide pass‐on information for knowledge transfer to subsequent crews of analysts on duty regarding the latest suspicious traffic seen from a given port, Internet Protocol (IP), etc. with no more than a 5% error rate.
  • Provide computer security‐related support to AF field units (examples: 688 Cyber Wing Squadrons, Base Communications Squadrons, Mission Defense Teams), as directed by CCC, in countering vulnerabilities, minimizing risk, and improving the security posture of AF computer networks and systems within the scope of AFIN SOC operational requirements and mission execution.
  • Provide focused DCO tailored analysis and monitoring operations of specified sensor locations during contingency operations and in support of named DCO operations and exercises.
  • Conduct 24x7x365 near real‐time network security monitoring and intrusion detection analysis for the networks and systems monitored using AF’s selected IDS/IPS capabilities with no more than a 1% error rate. (CDRL A005)
  • Provide OJT to other contractor employees, military, and/or civilian personnel, and ensure continuity folders/working aids are updated as needed through the approved documentation system, in order to ensure efficient transition when personnel rotate.
  • Create and document metrics for reporting and analysis to improve alert triage processes and mission execution. (CDRL A009)
  • Provide requested information to operational leadership as it relates to mission execution.
  • Conduct intake of administrative and operational communication from external agencies and route the communication to the Mission Lead/Crew Commander.
  • Perform security checks every four hours to verify external doors are properly closed and no suspicious activity is taking place around the facility. If suspicious activity is observed or suspected, contact and inform the Crew Commander.
  • Initiate emergency checklists due to imminent threat, as directed by Crew Commander. Call emergency responders (Security Forces/Fire Department etc.) if needed via 911. The Crew Commander is responsible for all official reporting.
  • Inform Crew Commander of all anomalies, including but not limited to utility outages, flooding, sick/missing members, or any other irregularity with the potential to adversely impact the mission.
  • Maintain currency on latest industry trends and provide operational reports/assessments for development of tactics, techniques, and procedures. (CDRL A002)
  • Provide feedback on detection mechanisms, for both true and false positive events, to ESM and Content Development as applicable.
  • Participate in planning, briefing, and debriefing tasks as directed by CDO Mission Lead or Crew Commander.
  • Accomplish assigned weapon system access, ORM, Go/No Go, reports, TTP updates and TAR submissions.
  • Execute approved scoping actions. Find endpoints matching target: accounts, registry configurations, files, processes, IP addresses, ports, domains, or other correlating data to determine extent of compromises.
  • Execute approved response actions against target: accounts, registry configurations, files, processes, IP addresses, ports, domains, or other system components to contain compromises.
  • Analyze threat intelligence (TIPPERS) as directed by CDO Mission Lead or Crew Commander to include contextual information, IoCs, TTPs, vulnerabilities, effects, and actionable intelligence about threats mapped to the MITRE threat framework.
  • Work with CDO Mission Lead for prioritization and assignment of tasks.
  • Provide CDO Mission Lead support, notify CDOs of Crew Commander prioritized tasks, tracking all required mission systems and functions.


Knowledge/Experience Requirements:

  • Active TS/SCI clearance
  • Certification Requirements: One of the following IAT Level 3 8140 Certifications (CISA, GSE, SCNA, CISSP, GCIH)
  • After onboarding, you will need to receive either the GCFA or GCFE within 120 days.


  • Intermediate knowledge of one or more of the IDS/IPS systems currently in use by the Department of Defense (DoD), Services, and Agencies (i.e., AF, Navy, Army, DC3, DISA) or Federal Government, and intermediate experience in the following areas: IP addressing and domain name service; network components; Transmission Control Protocol (TCP)/User Datagram Protocol (UDP), File Transfer Protocol (FTP), Simple Mail Transfer Protocol (SMTP), and Hypertext Transfer Protocol (HTTP); and an understanding of the network Open Systems Interconnection (OSI) model. Extensive knowledge of the MITRE ATT&CK framework and its uses within the cybersecurity community (e.g., open‐source projects).