Cyber Security Analyst Tier 3
Company: Freedom Technology Solutions Group
Location: Saint Louis
Posted on: April 1, 2026
|
|
|
Job Description:
Freedom Technology Solutions Groups is looking to add a Tier 3
Cyber Security Analyst to the team. The candidate will provide CSOC
Tier 3 services, which is 24x7x365 coordination, execution, and
implementation of all actions required for the containment,
eradication, and recovery measures for events and incidents. CSOC
Tier 3 services includes malware and implant analysis, and forensic
artifact handling and analysis. When a CIRT is stood up, all
contractors in support of CSOC Tier 3 services will be under the
direct control of, and take direction from, the Government CIRT
Commander. While not in a period of incident response, the
Contractor shall conduct continuous exercises and dry runs to
improve response outcomes in the event of a cyber-incident. All
Contractor personnel performing CSOC Tier 3 services shall have or
obtain, within six months of start, a certification that is
compliant with DoDD 8140.01 and DoD 8570.01-M IAT Level III and
CSSP Incident Responder. Job Duties: Coordinate and implement
tasks, performing analysis, and building/documenting response
activities required during cyber security incident response, to
include but not limited to actions such as implementing containment
measures, IP blocks, domain blocks, and disabling user accounts on
direction of the Government. Coordinates with Security and
Installations Directorate (SI) Office of Counterintelligence (SIC),
Insider Threat Office (SIII), in addition to other law enforcement
and counter intelligence personnel as required to perform advanced
investigation and triage of incidents; Collaborates with
appropriate authorities in the production of security incident
reports; Categorizes incidents and events; Coordinates with other
contracts, organizations, activities, and other services as
appropriate to ensure incidents are properly reported, contained,
and eradicated; Coordinates with other contracts, organizations,
activities, and other services as appropriate to de-conflict blue /
red team activity with open incidents/events; Coordinates with
other contracts, organizations, activities, and services to ensure
NGA recovers from an incident/event; Builds timelines, documents,
briefings, and other products as required to inform stakeholders of
incident response actions, analysis, and the impact of both
adversary activity and blue force response actions. Documents
actions taken and analysis in the authorized ticketing system to a
level of detail where the actions taken and analysis are capable of
being systematically reconstructed. Develops and when approved by
the Government generates and updates reports in the Joint Incident
Management System (JIMS), Incident Case Management System (ICMS),
and/or other authorized reporting systems as directed; Develops,
maintains, sustains, and when properly authorized by the Government
executes custom scripts, tools, and capabilities to collect and
analyze data, and to respond to incidents/events; Performs digital
media analysis on host, server, and network data as required to
analyze and respond to an incident, to include but not limited to
volatile and non-volatile memory and/or system artifact collection
and analysis; Develops and identifies indicators of compromise to
send to Cybersecurity stakeholders and other Contract Services;
Provides adversary attribution; Performs malware analysis and
signature development; Coordinate with CSOC Tier 1 and 2 services
to remediate all discrepancies and provide recommendations to
prevent reoccurrence. Job Requirements: Bachelors Degree and or 6
years’ experience in Cyber Security (CSOS) Active security
clearance. DoDD 8140.01 and DoD 8570.01-M IAT Level II and CSSP
Incident Responder. Provides input to and coordinates with all
applicable stakeholders to develop and deliver the daily CSOC
Significant Activity Report, the daily CSOC Operations Update, and
the Weekly CSOC Status Report; Serve as C-IRT members as required
and serve under the direct control of, and take direction from, the
Government C-IRT Commander; Develop and coordinate courses of
action with various Government and contract stakeholders, and when
properly authorized by the Government, execute Defensive Cyberspace
Operations-Internal Defensive Measures on behalf of the NGA on NGA
networks and systems; Performs digital media analysis and malware
reverse engineering on host, server, and network data as required
to analyze and respond to an incident, to include but not limited
to volatile and non-volatile memory and/or system artifact
collection and analysis. When properly authorized by the
Government, execute custom scripts, tools, and capabilities to
collect and analyze data, and to respond to incidents/events;
Develops, documents, and provides to the Government incident
investigation reports which include sufficient information to
document the entire lifecycle of the incident and the response,
including but not limited to adversary and friendly forces
activity, host and network analysis, timelines, and recommendations
for corrective actions, recommendations for new Tactics,
Techniques, and Procedures (TTP) and other recommendations as
appropriate, within 30 days of C-IRT stand-down; Conduct Quality
Control reviews of a percentage closed CSOC Tier 2 tickets each
week to ensure proper analysis, categorization, documentation, and
notification Preferred Qualifications: Masters degree IAT III
Qualifications that are nice to have: Juniper certification What’s
in It for You? Flexible work environment A team mentality – work
with friendly, like-minded professionals Work with innovative,
cutting edge technologies Enjoy extremely competitive compensation
and benefits A work-life balance you can count on Opportunities to
grow and advance your career on our dime The Benefits You Get with
Freedom Amazing benefits including matching 401k, fully paid
medical, and more Generous paid time off – including paid site
closure days Competitive salary offerings Paid training and tuition
reimbursement Referral bonuses Fully paid life and disability
Annual logo wear allowance Company sponsored events (game nights,
holiday party, summer party, happy hours) Interested in learning
more about Freedom and our culture? Contact us today! We’re
constantly hosting hiring events in our office and elsewhere, to
help you get a sense of what life is like at Freedom before joining
the team. As an Equal Opportunity Employer, we do not discriminate
on the basis of race, color, religion, sex, age, marital status,
disability or veteran status Applicant Federal & E-Verify Postings
VEVRAA Federal Contractor Accessibility: If you need an
accommodation as part of the employment process, please contact
Human Resources at Phone: 410-290-9035 Email: recruiting@goftsg.com
Equal Opportunity Employer, including disabled and veterans. If you
want to view the EEO Law poster, please choose your language:
English - Spanish - Arabic - Chinese If you want to view the EEO
Law Supplement poster, please choose your language: English -
Spanish - Chinese If you want to view the Pay Transparency Policy
Statement, please click the link: English
Keywords: Freedom Technology Solutions Group, Florissant , Cyber Security Analyst Tier 3, IT / Software / Systems , Saint Louis, Missouri
