Cybersecurity Analyst - Tier 2 (On-Site)

The following states/districts are excluded from this job ad: AK, CA, CO, CT, DC, HI, LA, MA, MN, MO, NE, NV, NH, NJ, NM, NY, ND, OR, PR, RI, VT, WA, WY

Location(s): Hines Information Technology Center (ITC) Building 215, 1st Avenue, North of 22nd Street, Hines, Illinois 60141

Are you ready to defend critical systems against today's most advanced cyber threats? We are seeking a Cybersecurity Analyst - Tier 2 to monitor alerts, investigate incidents, and ensure swift, effective responses to protect data and systems.

Position Description: The Cybersecurity Analyst - Tier 2 safeguards the Department of Veterans Affairs (VA) digital assets and responds to, investigates, and mitigates potential cyber threats.

Minimum/General Experience: 3 years of experience supporting incident response in an enterprise-level Security Operations Center (SOC)

Minimum Education: Bachelors degree in computer science, cybersecurity, information technology or related field; Must have or be willing to obtain one of the following certifications: GIAC Certified Incident Handler, EC-Council's Certified Incident Handler (E|CIH), GIAC Certified Incident Handler (GCIH), Incident HandlingResponse Professional (IHRP), Certified Computer Security Incident Handler (CSIH), Certified Incident Handling Engineer (CIHE), EC-Council's Certified Ethical Hacker

Essential Skills/Qualifications:

• Above average understanding of cybersecurity principles and incident response methodologies
• Strong experience with security technologies (e.g., Security Information and Event Management (SIEM), Intrusion Detection System/Intrusion Prevention System (IDS/IPS), Endpoint Detection and Response (EDR), network monitoring tools)
• Experience with enterprise ticketing systems (e.g., ServiceNow)
• Ability to work independently and in a team environment to identify errors, pinpoint root causes, and devise solutions
• Ability to learn and function in multiple capacities
• Ability to be proactive in a high-pressure environment to ensure SOC operates effectively
• Excellent analytical and problem-solving skills
• Excellent verbal and written communication skills
• Ability to work third shift (10:30PM ET - 7:00AM ET) to support 24/7 cybersecurity operations

General Physical Requirements needed to perform the essential functions of this job may vary based on the location of the assignment .

• Assignment Location(s) - Hines Information Technology Center (ITC) Building 215, 1st Avenue, North of 22nd Street, Hines, Illinois 60141
• Sedentary Work - Exerting up to 10 pounds of force occasionally and/or a negligible amount of force frequently or constantly to lift, carry, push, pull or otherwise move objects.
• Typing, communicating, repetitive motions.
• Close visual acuity to prepare and analyze data, view computer monitors and read. May need to view presentation screens and other visual aids in a virtual setting.
• Inside environmental conditions with protection from outside elements.

Security : Ability to obtain/maintain a Federal Civilian Public Trust

• U.S. Citizenship or Permanent Resident that has lived in the United States for at least 3 years

Federal Civilian Public Trust Consists of a review of up to but not limited to:

• Covers 10 year period and in some instances lifetime events
• OPM Security Investigations Index (SII)
• DOD Defense Central Investigations Index (DCII)
• National Agency Check (NAC) records
• FBI name check
• FBI fingerprint check
• Credit report check
• Written inquiries to previous employers and references listed on the application for employment
• Potential interviews with the subject, spouse, neighbors, supervisor, coworkers
• Law enforcement check
• Court records check
• Education check- Attendance and Degrees

Acceptable Credentials

Tasks/activities include, but are not limited to:

• Performs real-time monitoring and triage of security alerts in Cybersecurity toolsets including SIEM and EDR
• Makes accurate determination of what alerts are false positives or require further investigation and prioritization
• Leads and actively participates in the investigation, analysis, and resolution of cybersecurity incidents
• Analyzes attack patterns, determines the root cause, and recommends appropriate remediation measures to prevent future occurrences
• Ensures accurate and detailed documentation of incident response activities, including analysis, actions taken, and lessons learned
• Collaborates with knowledge management teams to maintain up-to-date incident response playbooks
• Collaborates effectively with cross-functional teams, including forensics, threat intelligence, IT, and network administrators
• Communicates clear technical information and incident-related updates to management and stakeholders
• Identifies and actions opportunities for tuning alerts to make the incident response team more efficient
• Monitors the performance of security analytics and automation processes regularly, identifying areas for improvement and taking proactive measures to enhance their efficacy
• Leverages Security Orchestration, Automation, and Response (SOAR) platforms to streamline and automate incident response processes, including enrichment, containment, and remediation actions
• Supports the mentoring and training of more junior incident response staff
• Stays informed about the latest cybersecurity threats, trends, and best practices
• Participates in cybersecurity exercises, drills, and simulations to improve incident response capabilities

CompensationBenefits: The annual projected pay range for this position is $93,538.00 - $103,319.00 with consideration being given to various factors including but not limited to qualifications, experience, job responsibilities, and geographic location.

Oxley Enterprises, Inc. offers a full array of benefits including:

• Medical, dental, vision and prescription drug coverage for you and your family.
• Life Insurance, short-term disability and long-term disability paid for by the Company.
• Supplemental coverages including Accident, Critical Illness, and Hospital.
• Additional Life insurance coverage for you and your dependents.
• 401k plan with various options to select based on your retirement goals.

Oxley Enterprises, Inc. is a certified service-disabled veteran-owned (SDVOSB), economic disadvantaged woman-owned (EDWOSB), Small Business Administration Certified 8(a), and small disadvantaged business (SDB) that has 25 years of experience building and delivering quality IT systems and programs. Oxley is ranked in the INC 5000 7 times (2016, 2017, 2018, 2021, 2023, 2024, 2025). Oxley is a 2019 - 2025 Department of Labor HIRE Vets Medallion Award Winner. Oxley is Virginia Values Veterans certified.

All qualified applicants will receive consideration for employment without regard to any status protected by applicable federal, state, or local law.

If you require a reasonable accommodation to apply for a position at Oxley Enterprises, Inc., please send an email to our Human Resources Department at: [email protected] with the following information:

Subject Line: Accommodation Request

Provide a description of your accommodation request

Include your contact information: Full name, Email address, Best number to reach you (optional)

We participate in the E-Verify program.