Hexagon US Federal

Senior Cyber Security Analyst

full-time

Location Type: Hybrid

Location: Huntsville, Alabama, United States

About the role

  • Security monitoring & detection: Design, tune, and maintain IDS/IPS, SIEM, EDR, and log collection pipelines to detect advanced threats.
  • Incident Response: Establish and implement an operational incident-handling capability for organizational systems, encompassing preparation, detection, forensic collection, analysis, containment, eradication, recovery, user response, and post-incident root-cause analysis.
  • Threat hunting & intelligence: Proactively hunt for threats across networks, endpoints, cloud, and applications using threat intelligence, YARA rules, KQL queries, and custom tooling.
  • Vulnerability management: Coordinate regular vulnerability scanning, assess risk, prioritize remediation, and validate fixes.
  • Risk assessment & remediation: Conduct risk assessments, threat modeling, and security reviews for systems, applications, and projects; propose mitigations and track remediation.
  • Security architecture & controls: Advise on secure design and configuration for on-premises infrastructure and cloud (Azure/AWS), network, identity, and application layers; implement security controls and hardening.
  • Automation & tooling: Develop automation (playbooks, SOAR, scripts) to streamline detection, response, and reporting.
  • Compliance & governance: Support audits and regulatory compliance programs (e.g., CMMC, NIST 800-171, DFARS 7012) by providing evidence, mapping controls, and remediation tracking.
  • Metrics & reporting: Define and report key security metrics (MTTD, MTTR, incident counts, vulnerability trends); brief technical and executive stakeholders.
  • Collaboration: Work with Enterprise IT, DevOps, HR, legal, and business units to integrate security into product/programs, change management, and release processes.

Requirements

  • 12+ years of hands-on experience in security operations, incident response, threat hunting, or related roles.
  • Strong knowledge of a SIEM or logging platform (e.g., Splunk, Elastic, Sentinel), EDR (e.g., CrowdStrike, Microsoft Defender), and network security tooling.
  • Experience with hybrid on-premises/cloud security environments using AWS/Azure and securing physical systems, virtual machines, and containers.
  • Proficiency with one or more scripting languages (Bash, Python, PowerShell, or Perl) and building detection queries.
  • Solid understanding of TCP/IP, DNS, HTTP, SSL/TLS, authentication protocols (OAuth, SAML), and common attack vectors.
  • Solid understanding of MITRE ATT&CK framework/Cyber Kill Chain.
  • Familiarity with vulnerability scanning tools (Tenable/Nessus, Qualys) and remediation reporting workflows.
  • Familiarity with FedRAMP controls and cloud security frameworks (AWS, Azure, or hybrid on-premises/multi-cloud environments).
  • Incident response and digital forensics experience.
  • Excellent analytical, communication, and stakeholder management skills.
  • Bachelor’s degree in Computer Science, Information Security, Cybersecurity, or 7 years equivalent relevant experience (or relevant certifications).
  • Knowledge of DISA STIGs, CIS benchmarks, STIG Viewer, and SCAP Compliance Checker.

Benefits

  • Competitive health care plans with savings accounts
  • Dental and vision plans
  • 401k with 100% company match up to 6%, with immediate vesting on company match
  • Life and disability insurance
  • Learning Management System with robust offerings
  • Tuition Reimbursement Program
  • Flexible working arrangements where possible
  • 13 paid holidays per year
  • Veterans’ focused Employee Resources Group with regular educational sessions and communications
  • Leadership Development Program with multiple learning options

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

  • IDS, IPS, SIEM, EDR, YARA, KQL, Bash, Python, PowerShell, TCP/IP

Soft Skills

  • analytical, communication, stakeholder management

Certifications

  • Bachelor’s degree in Computer Science, Bachelor’s degree in Information Security, Bachelor’s degree in Cybersecurity