• Secret Mid-Level Cyber Threat Emulation Analyst

    Insight Global (Colorado Springs, CO)


    Job Description

    A client of Insight Global's is looking for a Secret Mid-Level Cyber Threat Emulation Analyst, to join their team! This position will play a key role in supporting the Missile Defense Agency (MDA).

    Job Responsibilities:

    - Perform proactive and reactive cybersecurity duties on customer networks to strengthen enterprise-wide security posture.

     

    - Analyze assets, threats, and vulnerabilities to identify weaknesses and enhance network defenses; measure effectiveness of defense-in-depth architecture.

     

    - Develop, review, and update Defensive Cyber Operations (DCO) procedures, processes, manuals, and related documentation.

     

    - Generate vulnerability assessment reports, escalate findings, and support enterprise-wide incident response in compliance with DoD regulations; lead cyber events and investigations from start to finish.

     

    - Execute Cyber Threat Emulation (CTE) actions using automated validation tools; create dashboards and reports detailing vulnerabilities, remediation steps, and security posture assessments.

     

    - Draft and submit Cyber Tasking Orders (CTOs) to address issues identified during CTE engagements; implement Higher Headquarters Tasking Orders (HHQ) and Fragmentary Orders as directed.

     

    - Mentor and train analysts at all levels; collaborate with Cyberspace Domain Awareness (CDA) to develop evaluation criteria and methodologies aligned with HHQ and industry best practices.

     

    This position is onsite full-time in Colorado Springs, CO or Huntsville, Alabama the salary range for this role is between $120,000 - $132,000/yr depending on years and level of experience, education, and certifications. This role requires an Active Secret Clearance or higher. Typical benefits offered include flexible work schedules, educational reimbursement, retirement benefits (401K match), employee stock purchase plan, health benefits, tax saving options, disability benefits, life and accident insurance, voluntary benefits, paid time off and paid holidays, and parental leave.

     

    We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to [email protected] learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/.

     

    Skills and Requirements

    - DoD Secret Security Clearance (Top Secret Preferred)

    - DoD 8570.01-M IAT Level II certification with Continuing Education (CE) - (CySA+, GICSP, GSEC, Security+ CE, SSCP)

     

    - 6+ years of general work experience

    - 4 years of experience directly related to:

    Performing manual or automated penetration test in an enterprise environment

    Practical experience with vulnerability assessment, cybersecurity frameworks, or conducting risk assessments

    Experience performing the full life cycle of incident response and enterprise-level monitoring

     

    - 1+ years of management or leadership experience in a team environment

     

    - Currently hold, or obtain within 6 months of start date, a PenTest+ certification - Bachelor’s degree, or higher, in Cybersecurity, Computer Science or related field

     

    - Experience working with Cyber Threat Emulation tools, policies, and procedures

    - Experience operating custom software on top of a Linux platform

    - Experience with security analysis and solutions in a WAN/LAN environment to include Routers, Switches, Network Devices, and Operating Systems (e.g., Windows, and Linux)

     

    - Experience with other Security Operations Centers (SOC)/DCO tools/applications, such as Firewalls, Intrusion Detection Systems / Intrusion Prevention Systems, Network Security Manager, Bluecoat, Barracuda, etc.

     

    - Experience performing security compliance scans across a WAN (ACAS/Nessus preferred)

     

    - Background in configuration, troubleshooting, and deployment of host-based security (ESS preferred)

     

    - Experience mentoring and training personnel in an evolving, high-paced environment

     

    - Familiarity with DoD Security Operations Centers (SOC) (aka CSSP) and DCO/Cybersecurity Service Provider (CSSP)-guiding security policies and procedures