Cyber Defense Analyst

Company Description

We were early to the fight against Ubiquitous Technical Surveillance, and we’ve been pushing the edge ever since. Our mission is to help government and enterprise organizations understand and manage commercial data risks, shape their digital signatures, and operate with confidence in an increasingly complex information landscape. We build and integrate advanced, tech-forward solutions to problems our customers often don’t know they have – until it matters most. We move fast, think critically, and deliver where it counts. What’s in it for you? We work hard and do fun things. You’ll work on high-impact, technically challenging problems alongside a team that values teamwork over competition. Veilant offers a solid work-life balance and flexible remote work options. At Veilant, you’ll work with the most talented software developers, systems engineers, and subject matter experts, building tools and systems that make a real difference.

Job Description

Veilant is looking for a Cyber Defense Analyst to join our Information Security team and help defend our enterprise environment against active and emerging cyber threats. In this role, you will monitor network and endpoint activity, investigate security alerts, tune detections, and help surface anomalous behavior across our SIEM and EDR stack, including Microsoft Defender for Endpoint, Elastic, and Splunk. This role is ideal for someone with a strong technical foundation, curiosity about how systems behave, and hands-on interest in alert triage, detection engineering, threat hunting, and incident response. What You’ll Do Monitor endpoint and network activity using Microsoft Defender for Endpoint, Elastic, Splunk, and related security tools. Triage and investigate alerts, distinguishing benign activity from suspicious or malicious behavior. Develop, tune, and maintain detections using KQL, ES|QL, SQL, SPL, or similar query languages. Translate threat intelligence, IOCs, TTPs, and emerging threat reporting into actionable detections, dashboards, queries, and hunts. Conduct targeted threat hunts using frameworks such as MITRE ATT&CK. Document incidents, including timelines, indicators, scope, findings, remediation steps, and lessons learned. Build dashboards and visualizations that improve visibility into enterprise activity and anomalies. Contribute to playbooks that improve the team’s speed, consistency, and effectiveness during investigations. Collaborate with security, IT, and Engineering teams to support investigations and response activities. What Success Looks Like In the first six months, you will build a working understanding of Veilant’s environment, independently triage alerts, improve detection logic, contribute to threat hunts, document incidents, and help strengthen playbooks that make the team faster and more effective.

Qualifications

Must Haves: Four-year degree in Computer Science, Cybersecurity, Computer Engineering, or a related field, or equivalent hands-on experience in cybersecurity, networking, systems administration, systems engineering, military cyber operations, information warfare, communications, intelligence, or secure enterprise operations. At least two years of experience in cybersecurity, networking, systems administration, systems engineering, cyber operations, or a related technical role. Working knowledge of Windows Workstation and Windows Server operating systems. Knowledge of network protocols, traffic patterns, and common attack behaviors. Experience with one or more of the following:EDR platforms SIEM platforms Vulnerability management tools Threat intelligence sources Log analysis, alert triage, or incident investigation workflows Ability to investigate alerts, correlate evidence across data sources, and escalate findings clearly. Ability to write, modify, or tune detections using KQL, ES|QL, SQL, SPL, or similar query languages. Familiarity with using AI tools to support investigations, analysis, documentation, or workflow efficiency. Strong problem-solving, communication, and documentation skills. Must be eligible to obtain a U.S. Government Security Clearance. Additional Information Why You’ll Love Working Here: Innovative Environment: Work in a setting where your ideas and expertise are valued. Collaborative Culture: Be part of a team that supports each other and works toward shared goals. Career Growth: Opportunities for professional development and career advancement. Here are some Perks! Flexible PTO + holidays Generous 401k match benefit up to 10%, with an automatic 3% safe harbor contribution and additional matching based on employee contributions. Medical (HSA & PPO Plans Available), dental, vision, disability, and life insurance Employer Contribution to Health Savings Account (HSA) Learning & Development opportunities Professional coaching services Get the technology you want to do your job We have free daily snacks & drinks Physical Requirements: Must be able to remain in a stationary position 50% of the time. The person in this position needs to occasionally move about inside the office Constantly work with computers and other information technology equipment The ability to communicate information and ideas in a classroom style format, may stand at a podium for long periods of time We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender, gender identity or expression, veteran status, or any other characteristic protected by law. We are proud to be an equal opportunity workplace. If you require a reasonable accommodation to apply for a position with Veilant through its online applicant system, please contact Veilant's Talent Management Department at (703) 544-2424 or contact us through e-mail at [email protected]