Cyber Operations Analyst

The Aerospace Corporation is the trusted partner to the nation’s space programs, solving the hardest problems and providing unmatched technical expertise. As the operator of a federally funded research and development center (FFRDC), we are broadly engaged across all aspects of space— delivering innovative solutions that span satellite, launch, ground, and cyber systems for defense, civil and commercial customers. When you join our team, you’ll be part of a special collection of problem solvers, thought leaders, and innovators. Join us and take your place in space.

The Aerospace Corporation is seeking an experienced cybersecurity professional to serve as a Cyber Operations Analyst (Information Security Staff III). In this dynamic role, you will function as a Tier 2/3 analyst responsible for handling escalated security events, conducting advanced threat analysis, and leading complex investigations across our enterprise environments. You will serve as a subject matter expert within our Security Operations Center (SOC), performing in-depth analysis of sophisticated threats, developing advanced detection capabilities, and mentoring junior analysts. You will leverage cutting-edge security tools, threat intelligence, and deep technical expertise to identify, analyze, and mitigate advanced cyber threats before they impact our mission. You will join a team of dedicated cybersecurity professionals who are chartered with securing Aerospace's classified and unclassified enterprise IT environments and viewed as leaders within the aerospace community.

The selected candidate will be required to work full-time on-site at our facility in Colorado Springs, CO. 

What You'll Be Doing

• Serving as Tier 2/3 escalation point for complex security alerts and incidents that require advanced analysis and investigation
• Conducting deep-dive investigations into sophisticated threats, advanced persistent threats (APTs), and complex attack scenarios
• Performing advanced threat hunting activities to proactively identify hidden threats, lateral movement, and persistent adversary presence across the enterprise
• Analyzing security alerts from SIEM platforms, intrusion detection systems, EDR tools, and other security technologies to determine attack vectors and adversary objectives
• Correlating data from multiple security tools and log sources to reconstruct attack timelines and identify full scope of compromise
• Leading incident response activities for escalated events, coordinating containment and remediation efforts with cross-functional teams
• Developing and tuning advanced detection rules, correlation searches, and behavioral analytics to improve threat detection capabilities
• Analyzing malware behavior, suspicious scripts, and attacker tools to understand adversary techniques and develop countermeasures
• Integrating threat intelligence into detection and response workflows, identifying relevant indicators of compromise (IOCs) and tactics, techniques, and procedures (TTPs)
• Providing technical guidance and mentorship to Tier 1 analysts, reviewing their work and helping develop their analytical skills
• Creating and maintaining advanced playbooks, investigation workflows, and technical documentation for complex scenarios
• Collaborating with incident response, threat intelligence, and security engineering teams on advanced security operations initiatives
• Conducting post-incident analysis and lessons learned to improve detection, response capabilities, and operational procedures
• Generating detailed technical reports and executive summaries on complex threats, investigation findings, and security trends
• Remaining informed on the latest advanced threats, adversary tradecraft, exploitation techniques, and cutting-edge security technologies
• Where necessary, providing after-hours escalation support for critical security incidents requiring senior analyst expertise

What You Need to be Successful- Information Security Staff III

Minimum Requirements:

• Bachelor's degree in Cybersecurity, Computer Science, Information Systems or equivalent field of study, or equivalent experience
• 5-7 years of relevant experience in security operations, threat analysis, incident response, or SOC environments
• Proven experience as a Tier 2 or Tier 3 SOC analyst handling escalated and complex security incidents
• Advanced proficiency with SIEM platforms (Splunk, QRadar, LogRhythm, ArcSight, or similar) including custom query development
• Deep understanding of network protocols, traffic analysis, and advanced attack techniques
• Extensive experience analyzing security logs and correlating events across multiple data sources to identify sophisticated threats
• Strong knowledge of Windows and Linux operating systems, including forensic artifacts, persistence mechanisms, and attacker techniques
• Expertise with endpoint detection and response (EDR) platforms and advanced endpoint analysis
• Thorough understanding of the MITRE ATT&CK framework and ability to map adversary behavior to tactics and techniques
• Experience with threat hunting methodologies and tools to proactively identify threats
• Advanced skills in network packet analysis using Wireshark, tcpdump, or similar tools
• Ability to analyze malicious scripts, PowerShell commands, and basic malware behavior
• Strong understanding of the cyber kill chain and advanced persistent threat (APT) methodologies
• Excellent analytical and critical thinking skills with ability to synthesize complex technical information
• Strong written and verbal communication skills for documenting complex findings and briefing stakeholders
• Proven ability to work under pressure during critical incidents and manage multiple complex investigations
• This position requires the ability to obtain and maintain a US Secret security clearance, which is issued by the US government. U.S citizenship is required to obtain a security clearance.

How You Can Stand Out

It would be impressive if you have one or more of these:

• Relevant certifications such as GCIA, GCIH, GCFA, GNFA, GMON, CySA+, CISSP, or equivalent
• Experience with security orchestration, automation, and response (SOAR) platforms and workflow automation
• Proficiency with scripting languages (Python, PowerShell, Bash) for automation, data analysis, and tool development
• Hands-on malware analysis or reverse engineering experience
• Experience with memory forensics and advanced forensic analysis techniques
• Knowledge of cloud security operations and threat detection in AWS, Azure, or GCP environments
• Experience working in classified or high-security environments with sensitive data
• Background with threat intelligence platforms (TIP) and developing custom threat intelligence
• Experience with network security monitoring (NSM) tools such as Zeek (Bro), Suricata, or Snort
• Track record of developing advanced detection content that identified previously undetected threats
• Experience participating in or supporting red team/purple team exercises
• Knowledge of adversary emulation frameworks and tools
• Experience mentoring or training junior analysts and developing SOC capabilities
• Understanding of compliance frameworks (NIST 800-53, NIST 800-171, CMMC) and their operational implications
• Current and active Secret clearance

We offer a competitive compensation package where you’ll be rewarded based on your performance and recognized for the value you bring to our business.  The grade-based pay range for this job is listed below.  Individual salaries within that range are determined through a wide variety of factors including but not limited to education, experience, knowledge and skills.

(Min - Max)

Leadership Competencies

Our leadership philosophy is simple: every employee, regardless of level and role, can demonstrate leadership. At Aerospace, our commitment is our people. To cultivate our talent and ensure that we have a strong pipeline of future leaders, we want individuals who:

• Operate Strategically
• Lead Change   
• Engage with Impact   
• Foster Innovation   
• Deliver Results  

Ways We Reward Our Employees

During your interview process, our team will provide details of our industry-leading benefits.

Benefits vary and are applicable based on Job Type.  A few highlights include:

• Comprehensive health care and wellness plans

• Paid holidays, sick time, and vacation

• Standard and alternate work schedules, including telework options

• 401(k) Plan — Employees receive a total company-paid benefit of 8%, 10%, or 12% of eligible compensation based on years of service and matching contributions; employees are immediately eligible and vested in the plan upon hire

• Flexible spending accounts

• Variable pay program for exceptional contributions

• Relocation assistance

• Professional growth and development programs to help advance your career

• Education assistance programs

• An inclusive work environment built on teamwork, flexibility, and respect

We are all unique, from various backgrounds and all walks of life, yet one thing bonds all of us to each other—the belief that we can make a difference. This core belief empowers us to do our best work at The Aerospace Corporation.

Equal Opportunity Commitment

The Aerospace Corporation is an equal opportunity employer. All qualified applicants will receive consideration for employment and will not be discriminated against on the basis of race, age, sex (including pregnancy, childbirth, and related medical conditions), sexual orientation, gender, gender identity or expression, color, religion, genetic information, marital status, ancestry, national origin, protected veteran status, physical disability, medical condition, mental disability, or disability status and any other characteristic protected by state or federal law. If you’re an individual with a disability or a disabled veteran who needs assistance using our online job search and application tools or need reasonable accommodation to complete the job application process, please contact us by phone at 310.336.5432 or by email at peoplemangmnt.mailbox@aero.org . You can also review Know Your Rights: Workplace Discrimination is Illegal.