Job Closed
This listing is no longer active.
Security Operations Manager
Location
United States
Posted
93 days ago
Salary
$150K - $180K / year
Seniority
Senior
Job Description
Security Operations Manager
Aya Healthcare
- You will report to the VP, Information Security.
- Own the execution and continuous improvement of Aya Healthcare’s enterprise Security Operations program.
- Lead a blended security operations model combining internal analysts, nearshore/offshore resources, and managed service providers.
- Establish clear operating models, escalation paths, staffing coverage expectations, and accountability across all SecOps resources.
- Serve as the primary owner of ServiceNow Security Incident Response (SIR) workflows, data models, and operating procedures.
- Design, implement, and continuously improve SIR playbooks to automate triage, enrichment, containment, and response actions.
- Drive automation that reduces manual analyst effort and improves MTTD, MTTR, and MTTC through standardized playbook execution.
- Ensure incidents are consistently triaged, investigated, documented, and remediated using ServiceNow SIR.
- Oversee detection and response capabilities across EDR and SIEM platforms, ensuring high-quality signal ingestion and routing into SIR.
- Operate confidently across Microsoft Azure security capabilities available through Microsoft E5 environments (e.g., Defender, Sentinel).
- Define, track, and improve MTTx metrics, using data to prioritize automation and process improvements.
- Lead post-incident reviews and ensure lessons learned translate into improved detections, playbooks, and response procedures.
- Manage, coach, and develop security operations personnel while fostering a high-energy, accountable team culture.
- Act as a trusted escalation point during security incidents and clearly communicate operational risk and response status to leadership.
Job Requirements
- 5+ years of experience in Security Operations, Incident Response, or SOC‑related roles.
- 2+ years of direct experience managing and operating ServiceNow Security Incident Response (SIR), including workflow ownership and playbook design.
- Demonstrated experience designing or operating incident response automation and playbooks within SIR or SOAR‑like platforms.
- Hands‑on experience integrating EDR platforms (e.g., Microsoft Defender and/or CrowdStrike Falcon) with ServiceNow SIR.
- Strong experience operating and managing EDR and SIEM solutions in an enterprise environment.
- Strong hands‑on experience with Microsoft Azure security solutions, including capabilities available through Microsoft E5 subscriptions.
- Demonstrated experience managing and improving MTTx metrics (e.g., MTTD, MTTR) to drive operational change.
- Proven experience leading security operations teams, including internal staff and external service providers.
- Strong incident leadership, communication, and decision‑making skills with the ability to influence across teams.
Benefits
- Free premium medical, dental, life and vision insurance
- Generous 401(k) match
- Aya also offers other benefits to those that are eligible and where required by applicable law, including reimbursements and discretionary bonuses
- Aya provides paid sick leave in accordance with all applicable state, federal, and local laws. Aya’s general sick leave policy is that employees accrue one hour of paid sick leave for every 30 hours worked. However, to the extent any provisions of the statement above conflict with any applicable paid sick leave laws, the applicable paid sick leave laws are controlling
- Celebrations! We hit our goals and reward ourselves.
- Company-sponsored virtual events, happy hours and team-building activities are always on the horizon — plus, you get a special treat on your birthday!
- Unlimited DTO — we believe in time off!
- Virtual yoga, meditation or boot camp classes offered daily
More Security Operations Jobs
- Perform advanced triage of alerts escalated from L1, determining true vs. false positives.
- Investigate security events across endpoint, identity, network, and cloud telemetry.
- Correlate events and map adversary behavior to MITRE ATT&CK while enriching findings with relevant threat intelligence context.
- Execute or coordinate containment actions including host isolation (EDR), account disablement (Entra ID / IAM), and blocking indicators such as IPs, domains, or hashes.
- Partner with Incident Response teams on high-severity or multi-system incidents and document actions, timelines, and evidence with a clear chain of reasoning.
- Conduct hypothesis-driven threat hunting across endpoint, identity, and cloud datasets, particularly during evening shifts and on rotation.
- Provide structured feedback to Detection Engineering on false positives, detection gaps, and tuning opportunities.
- Drive the generation services and technologies business to meet or exceed quarterly and annual quota objectives in partnership with the account and domain teams.
- Follow the Optiv Standardized Sales Operating Processes (SOPs) to achieve consistent success.
- Understand and maintain knowledge of the client’s security environment, business operations, security needs, and risk appetite.
- Identify the client’s security concerns and how they correlate to Optiv’s strategic solutions across the assigned domain and holistic cyber security programs.
- Identify cross-sell and upsell opportunities across clients and Optiv’s partner relationships.
- Qualify leads and partner with internal colleagues to determine scope, manage proposals, and follow through to closure.
- Participate in sales opportunities across Optiv’s entire portfolio.
- Clearly articulate how the necessary elements of the Optiv technology and services portfolio meet the specific needs of the client stakeholders at the leadership level.
- Stay abreast of industry trends and news, and maintain a broad understanding of the security landscape to facilitate thought leadership, support, analysis, and guidance to clients and internal Optiv groups.
- Collaborate with service delivery to ensure the team has the necessary supporting domain specialty materials that present a consistent and comprehensive approach.
- Effectively work with multiple client personas across the security team, as well as other relevant personas, to develop security strategy and define roadmaps to execute on security strategy aligned with business goals, budgetary spend, and metrics based on return on investment.
- Maintain advisory relationships with key stakeholders at clients by facilitating thought leadership, support, information, and guidance in conjunction with sales partners.
- Maintain strong working relationships with relevant Optiv technology partners, based on client spend and Optiv focus.
- Design and solution complete security programs to meet client objectives across technology and services, including facilitating new discussions by leveraging peer and industry network contacts, performing requirements gathering and analysis, defining technology selection criteria, and coordinating demonstrations and security technology evaluations.
- Interface and partner with the internal Optiv teams, particularly service delivery liaisons, to align client expectations with the entire Optiv solution portfolio and ensure service delivery excellence and client satisfaction.
- Listen for client feedback and continually share it with internal teams to evaluate and cultivate continuous improvement.
- Participate in account planning, forecasting, and pipeline management activities.
- Participate in managing and prioritizing the proposal process to create business proposals and contracts, and respond to RFIs/RFPs.
- Actively pursue personal development by maintaining and obtaining technical capabilities, soft skills, and security-specific knowledge through formal education, certification, and other avenues.
- Proficient sales techniques: makes connections, facilitates meetings, reads the room, asks probing questions, overcomes objections, gains trust, maintains composure under pressure, positions solutions, and assists in finalization of the sale.
Cybersecurity Operations Analyst IV
Expansia
JHNA, CTSi, and EXPANSIA have come together to form a Defense Technology platform focused on delivering high-impact technologies, technology-enabled services, and advanced manufacturing solutions to the U.S. Department of Defense and related national security customers. Backed by Falfurrias Management Partners, the platform brings together deep domain expertise across Army, Navy, and Air Force and Space Force programs, digital engineering, systems integration, and specialized manufacturing capabilities. The combined organization operates as a multi-entity aerospace and defense technology and tech-enabled services and manufacturing enterprise positioned for scalable growth, operational excellence, and long-term value creation.
Role Description
As a Cybersecurity Operations Analyst IV, you will provide expert-level cybersecurity support across cloud and enterprise computing environments. You will:
- Apply advanced knowledge of cybersecurity concepts, processes, practices, and procedures to perform technical assignments and ensure the protection of systems, networks, and data.
- Support the integration and implementation of secure computer system solutions aligned with organizational security policies and mission requirements.
- Work with engineering and infrastructure teams to evaluate security requirements, identify vulnerabilities, and recommend mitigation strategies to strengthen the overall security posture.
- Weigh business needs against cybersecurity risks and clearly communicate security implications to both technical and non-technical stakeholders.
Responsibilities
- Support enterprise Cybersecurity standards.
- Develop and implement Cybersecurity standards and procedures in accordance with government regulations.
- Coordinate, develop, and recommend security processes.
- Recommend Cybersecurity solutions to support customers’ requirements.
- Identify and report security violations.
- Recommend and satisfy Cybersecurity requirements based upon the analysis of CSPP, policy, regulatory, and resource demands.
- Support customers at the highest levels in the development and implementation of processes and policies.
- Apply know-how to government and commercial common user systems, as well as to dedicated special purpose systems requiring specialized security features and procedures.
- Support design and development of security features for system architecture requirements.
- Analyze and make recommendations on security requirements for computer systems, which may include mainframes, workstations, and personal computers.
- Support design, development, engineering, and implementation of solutions that meet CSPP requirements.
- Provide integration and implementation of the computer system security solution.
- Analyze general Cybersecurity-related technical problems and provide basic engineering and technical support in solving these problems.
- Support vulnerability/risk analyses of computer systems and applications during all phases of the system development life cycle.
- Perform all procedures necessary to ensure the safety of information systems data assets and to protect systems from intentional or inadvertent access, theft, or destruction.
- Ensure that all information systems are functional and secure.
- Ensure cyber monitoring is performed in a timely manner and cyber responses occur within established processes/procedures.
- Support efforts for critical processes outside of normal hours, including nights, weekends, and holidays.
- Deploy rapid response to quickly resolve cyber events.
- Communicate with senior customer stakeholders on reporting metrics (e.g., number of events, average time to respond, affected applications or platforms, etc.).
- Prepare and distribute cyber/IA required reporting.
- Ensure 100% of planned hours are worked and recorded.
- Identify and forward to leadership any opportunities that could lead to growth within your work area.
- Participate in growth efforts as requested.
- Ensure all contractual deliverables are met or exceeded to the customer’s satisfaction.
- Complete personal PDP and attend staff meetings and Storytime (with camera on).
- Build productive and positive professional relationships with clients within your program.
- Execute all contract requirements as assigned in accordance with the contract-specific LCAT and requirements.
Qualifications
- Active Public Trust clearance.
- Bachelor’s degree in Information Systems, Computer Science, Engineering, or a related technical field with at least 12 years of relevant experience.
- Demonstrated experience supporting cloud systems administration and infrastructure operations.
- Ability to troubleshoot infrastructure and system issues with moderate guidance.
- Working knowledge of cloud infrastructure administration, automation, and security principles.
- Strong expertise in cloud infrastructure administration, automation, and security principles.
- Proficiency in scripting languages such as PowerShell, Python, or Bash for automation and configuration management.
- Experience with network administration, including switches, routers, and VoIP infrastructure.
- Strong knowledge of Splunk, including writing SPL, creating dashboards, and onboarding new applications.
Preferred Additional Qualifications
- Hands-on experience with public or private cloud deployments.
- Knowledge of IT infrastructure best practices and industry standards.
- Experience in network and domain administration.
- Familiarity with cloud-based automation tools and methodologies.
- Strong analytical and troubleshooting skills.
- Experience with Agile development methodologies.
Benefits
- Competitive compensation.
- Health and wellness programs.
- Income protection.
- Paid leave.
- Retirement and savings.
- Learning and development opportunities.
- Provide security monitoring and incident response for cyber security events in a highly available Security Operation Center (SOC) that supports internal and external customers.
- Be part of a SOC on-call rotation during weekends (every fourth weekend).
- Monitor and analyze Security Information and Event Management (SIEM) alerts to identify security issues for remediation, and investigate events and incidents.
- Operate security tools like CNAPP, EDR, SIEM, DLP, various AI tools, vulnerability management solutions, and others.
- Develop correlation rules to expand our threat detection capability; enrich the rules with threat intelligence.
- Automate repetitive tasks by utilizing AI and traditional automation through API interfaces.
- Perform threat hunting to proactively detect incidents.
- Liaise with GRC and Product Security to mitigate risks in both enterprise and production environments.
- Investigate, document, and report on information security issues and emerging trends.