Cybersecurity Analyst Position Available In Madison, Alabama

Tallo's Job Summary: Cybersecurity Analyst role at SPAARK, Inc. in Huntsville, AL supports the FBI onsite at FBI Redstone. Lead threat analysis, incident response, risk assessment, and security controls development. Requires expertise in Splunk Enterprise Security, Microsoft Sentinel, cybersecurity frameworks, scripting, and compliance. Bachelor's degree and 10+ years of cybersecurity experience needed. Top Secret Clearance with SCI eligibility required.

Company: Spaark
Job type: Full-time, Onsite

Job Description

Spaark Inc, Huntsville, AL 35898

SPAARK, Inc. is seeking a highly skilled and experienced Cybersecurity Analyst to support our customer, the Federal Bureau of Investigation (FBI), onsite at FBI Redstone in Huntsville, Alabama. This role is a senior member of a team of nearly 40 cybersecurity professionals supporting the Enterprise Security Operations Center (ESOC) Watch Floor Operations, which plays a central role in the FBI's cybersecurity defense strategy. Operating 24 hours a day, 365 days a year, the team ensures timely detection and resolution of potential security incidents, minimizing the impact of cyber threats on the organization. You will lead efforts in threat analysis, incident response, risk assessment, and the development of security controls, and serve as a key advisor across the team on cybersecurity best practices, emerging threats, and regulatory compliance. This position is contingent upon contract award, which is anticipated in June 2025.

Duties:

Conduct continuous monitoring of security alerts and events from various sources, such as security tools, logs, and sensors, and analyze the data to identify potential security incidents or anomalies.
Utilize security information and event management (SIEM) systems to correlate data and detect patterns indicative of malicious activity.
Analyze alerts to determine urgency and initiate incident response procedures for confirmed security incidents.
Coordinate and collaborate with incident response teams to contain, eradicate, and recover from security breaches.
Maintain communications with relevant stakeholders, including IT teams, management, and external parties.
Integrate threat intelligence feeds to enhance the Security Operations Center's (SOC) understanding of current and emerging threats, and leverage threat intelligence to defend proactively against potential attacks.
Generate reports on security incidents, including their nature, scope, and impact, and disseminate them upon approval for release.
Monitor and assess current and emerging cybersecurity threats, vulnerabilities, and trends; use this knowledge to inform proactive defense strategies and to update SIEM content so it remains accurate and relevant.
Assist in developing and maintaining data ingestion configurations to collect and parse log and event data from sources across the organization.
Ensure that security-related data is appropriately formatted and ingested into the SIEM for analysis, and that the SIEM environment is configured to support efficient incident response and basic forensic analysis.
Contribute to the development of custom searches, correlations, and alerts to identify potential security incidents, as well as optimized queries and rules to detect suspicious activities or patterns in the data.
Collaborate with other security stakeholders to understand the organization's security needs and translate them into actionable use cases.
Assist with the documentation of all content, rules, and configurations to facilitate knowledge transfer and ensure the team understands the implemented security measures.

Work Experience/Skills Requirements:

Demonstrated expert proficiency with Splunk Enterprise Security is required, including configuration, tuning, and optimization for real-time monitoring and incident response.
Microsoft Sentinel experience is preferred.
In-depth knowledge of cybersecurity principles, practices, and frameworks, including incident response frameworks, Executive Orders, National Cybersecurity Strategies, CIS Controls, ISO/IEC 27001, the NIST Cybersecurity Framework, and the Federal Information Security Management Act (FISMA).
Knowledge of compliance requirements relevant to cybersecurity, such as GDPR, HIPAA, and PCI DSS.
Advanced skills in scripting and programming languages, such as Python or PowerShell, to automate security tasks, enhance workflows, and improve incident response efficiency.
Familiarity with various security technologies, including firewalls, IDS/IPS, endpoint protection, and advanced threat detection tools.
Expert knowledge of network protocols, operating systems, and application security.
Excellent written and oral communication.
Excellent problem-solving and analytical thinking skills.
High attention to detail and strong organizational skills.
Proficiency in risk assessment methodologies, incident response, and forensic investigation.
Ability to excel in cross-team collaboration.
Ability to support after core hours as the ECS mission requires.

Education and/or Certification Requirements:

Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related discipline, or a combination of education and experience in lieu of a degree.
Minimum 10 years of progressive cybersecurity experience, with at least 3 years in a subject matter expert or senior-level role.

Preferred Certifications:

GIAC Continuous Monitoring Certification (GMON)
GIAC Certified Incident Handler (GCIH)
GIAC Certified Forensic Analyst (GCFA)
GIAC Certified Intrusion Analyst (GCIA)
GIAC Network Forensic Analyst (GNFA)
GIAC Cloud Threat Detection (GCTD)
GIAC Cloud Forensics Responder (GCFR)
CompTIA Security+, CySA+, or CISSP

Clearance Requirements:

Active Top Secret Clearance with SCI eligibility required.

Equal Opportunity Employer
