Security Analyst / Technical Lead (Senior)
San Antonio, TX
Full Time | Senior-level / Expert | Clearance required | USD 145K - 185K
Dark Wolf Solutions
Dark Wolf Solutions operates at the nexus of mission and technology to meet our Nation’s most challenging missions.
Dark Wolf Solutions is seeking a highly motivated and experienced Senior Security Analyst / Technical Lead to support the Unified Platform Cyber Operations & Security Center (COSC) in San Antonio, TX. In this role, you will lead technical cybersecurity analysis, incident response, vulnerability management, and threat intelligence activities supporting secure, resilient platform operations across multiple security domains.
This is a hands-on leadership role requiring deep knowledge of cybersecurity technologies, threat landscapes, incident response frameworks, and operational security tooling. The Security Analyst / Technical Lead will mentor junior analysts, drive technical initiatives, and provide expert-level support across COSC mission activities.
Key Responsibilities
- Lead and participate in incident response activities, including containment, eradication, recovery, and forensic analysis.
- Analyze security alerts, logs, and network telemetry to detect malicious activity, security breaches, and vulnerabilities.
- Conduct forensic analysis of compromised systems and networks to determine root cause and impact.
- Develop and maintain incident response plans, playbooks, and standard operating procedures.
- Lead and manage vulnerability scanning, analysis, prioritization, and remediation tracking across cloud and on-premise environments.
- Monitor and analyze emerging cyber threats, vulnerabilities, and zero-day risks; generate threat intelligence reports and disseminate findings to stakeholders.
- Conduct proactive threat hunting using SIEMs, endpoint detection platforms, and network analysis tools.
- Evaluate, recommend, and implement security tools and automation technologies to enhance operational efficiency.
- Develop and maintain security automation scripts and workflows to streamline triage and incident response.
- Mentor and guide junior security analysts, providing technical leadership and best practice guidance.
- Contribute to the development of COSC security policies, standards, and operational processes.
- Prepare detailed technical reports, after-action reports, and executive summaries on security incidents, vulnerabilities, and platform risk posture.
Basic Qualifications
- Bachelor’s degree in Computer Science, Cybersecurity, Information Technology, or a related technical field.
- Minimum of 6 years of experience in cybersecurity analysis, incident response, vulnerability management, or threat hunting.
- Strong knowledge of cybersecurity principles, operational security best practices, and threat actor tactics, techniques, and procedures (TTPs).
- Hands-on experience with SIEM platforms (e.g., Splunk, Elastic, LogRhythm, ArcSight).
- Experience with IDS/IPS systems, endpoint protection platforms, and forensic analysis tools.
- Familiarity with vulnerability scanning and assessment tools (e.g., Nessus, Qualys, Rapid7).
- Experience scripting in languages such as Python, PowerShell, or Bash for security automation.
- Strong analytical and problem-solving skills with the ability to work under pressure during incident response operations.
- Excellent communication skills, with the ability to convey complex security issues to technical and non-technical audiences.
- US Citizenship required with an active Secret clearance and eligibility for Top Secret/SCI.
Desired Qualifications
- Security certifications such as CISSP, CISM, CEH, GCIH, OSCP, or equivalent.
- Experience supporting Department of Defense cybersecurity operations or working within a SOC environment.
- Cloud security experience across AWS, Azure, or Google Cloud Platform.
- Familiarity with security frameworks and compliance models such as NIST 800-53, NIST 800-171, ISO 27001, and RMF/ATO processes.
- Experience in malware analysis, digital forensics, and insider threat detection.
- Familiarity with threat intelligence platforms and open-source intelligence (OSINT) tools.
The estimated salary range is $145,000.00 - $185,000.00, commensurate with experience, technical expertise, certifications, and clearance level.
Primary work location is San Antonio, TX. Hybrid model with a mix of remote and on-site support; on-site presence required for classified system activities.
We are proud to be an EEO/AA employer Minorities/Women/Veterans/Disabled and other protected categories.
In compliance with federal law, all persons hired will be required to verify identity and eligibility to work in the United States and to complete the required employment eligibility verification form upon hire.
Tags: ArcSight Automation AWS Azure Bash CEH CISM CISSP Clearance Cloud Compliance Computer Science Forensics GCIH GCP IDS Incident response IPS ISO 27001 LogRhythm Malware Nessus NIST NIST 800-53 OSCP OSINT PowerShell Python Qualys RMF Scripting SIEM SOC Splunk Threat detection Threat intelligence Top Secret TS/SCI TTPs Vulnerabilities Vulnerability management Zero-day