Security Analyst

Cherokee Federal

Security Analyst supporting cybersecurity operations in a federal environment performing detection, analysis, investigation, and incident response activities.

Posted 6/12/2026full-timeRemote • 🇺🇸 United StatesMid-LevelSenior💰 $153,000 - $160,000 per yearWebsite

Tech Stack

Tools & technologies

AWSCloudCyber SecuritySplunk

About the role

Key responsibilities & impact

Monitor and analyze security events utilizing Splunk Enterprise Security (ES).
Build, maintain, and tune Splunk searches, correlation rules, alerts, and dashboards.
Conduct incident response activities from detection through containment, eradication, recovery, and closure.
Investigate endpoint security incidents utilizing Microsoft Defender for Endpoint.
Perform endpoint policy management and incident investigations.
Assess AWS cloud security telemetry utilizing GuardDuty, Security Hub, and related cloud security services.
Identify threats, vulnerabilities, suspicious activity, and cloud misconfigurations.
Execute alert triage, incident scoping, and escalation activities according to established playbooks.
Recommend updates and improvements to operational procedures and incident response playbooks.
Support threat hunting activities and detection engineering initiatives aligned to MITRE ATT&CK methodologies.
Perform phishing investigations, alert enrichment, and forensic review activities.
Conduct root cause analysis and document corrective actions following security incidents.
Track incidents and operational tasks utilizing case management systems.
Participate in tabletop exercises and operational readiness activities.
Collaborate with Security Operations teams, Incident Response personnel, and federal stakeholders.
Prepare reports and communicate findings to technical and non-technical audiences.
Perform other job-related duties as assigned.

Requirements

What you’ll need

Three (3) to five (5) years of experience in cybersecurity operations, SOC analysis, incident response, or related security disciplines.
Demonstrated hands-on experience with Splunk Enterprise Security, including search development, dashboard creation, and correlation rule tuning.
Experience utilizing Microsoft Defender for Endpoint for security investigations and policy management.
Working knowledge of AWS cloud security technologies, including GuardDuty, Security Hub, or equivalent tools.
Proven experience managing incidents through the complete incident response lifecycle.
Working knowledge of MITRE ATT&CK framework and common threat actor tactics, techniques, and procedures.
Familiarity with incident response methodologies and frameworks such as NIST 800-61.
Strong analytical, investigative, and problem-solving capabilities.
Excellent written and verbal communication skills.
Experience supporting federal government customers or highly regulated environments.
Ability to work independently while collaborating effectively with cross-functional teams.

Benefits

Comp & perks

Medical
Dental
Vision
401(k)
Paid Time Off
Life Insurance
Disability Coverage
other benefits as provided.

ATS Keywords

✓ Tailor your resume

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

Splunk Enterprise SecurityMicrosoft Defender for EndpointAWS cloud securityGuardDutySecurity Hubincident responsethreat huntingMITRE ATT&CKroot cause analysisphishing investigations

Soft Skills

analytical skillsinvestigative skillsproblem-solvingwritten communicationverbal communicationcollaborationindependencecross-functional teamwork