Sr. Cyber Defense Analyst

Visual Connections, LLC seeking a Sr. Cyber Defense Analyst.

Onsite (Martinsburg, WV)

At Visual Connections, cybersecurity is part of a broader suite of capabilities designed to help government and commercial customers modernize and secure their operations. Our offerings include program and portfolio management, AI/automation, UX engineering, enterprise app development, data analytics, and telecom infrastructure. Proudly veteran-owned, our teams deliver robust cyber defensethreat detection, incident response, continuous monitoringalongside agile IT and data services. If you seek to grow in a collaborative, mission-centered culture, partnering with agencies like DoD, HHS, CMS, and CDC, Visual Connections is your place to drive real impact.

Job Summary

As a Sr. Cyber Defense Analyst supporting the Department of Veterans Affairs, you will serve as a critical leader in the design, development, and operationalization of advanced cybersecurity monitoring and detection capabilities. In this role, youll configure and tune a range of security monitoring toolsincluding Splunk, Microsoft Sentinel, Defender for Endpoint, and SOAR platformsto identify and respond to sophisticated cyber threats in real time. Your responsibilities will include crafting custom detection logic and queries, mapping threat activity to the MITRE ATT&CK framework, and applying machine learning and pattern analysis to strengthen defenses. Youll play a key role in onboarding new data sources, developing detection playbooks, and ensuring high-quality, actionable security analytics across VAs cloud, SaaS, identity, and networking environments. Youll collaborate with incident response, forensics, and threat intelligence teams, providing expert guidance and clear communication to both technical and non-technical stakeholders. By participating in cyber exercises and regularly assessing the efficacy of analytics and automation, youll help maintain a resilient and proactive security posture for the VA making a direct impact on protecting veteran data and government systems.

Responsibilities

Configure monitoring tools to detect threat actor techniques and/or behavioral indicators

Craft custom search queries using Splunk (SPL), as well as Microsoft Defender for Endpoint and Microsoft Sentinel (KQL)

Provide subject matter expertise to support security detections in one of the following areas:

Cloud technologies

SaaS

Identity and access management

Networking

Splunk

EDR

Map security detections to the MITRE ATT&CK Framework

Research and develop configuration recommendations to facilitate operationalization of new data sources for detection of adversarial activities

Use machine learning and pattern analysis to improve detection of specific types of threats

Collaborate effectively with cross-functional teams, including incident response, forensics, threat intelligence, IT, and network administrators

Clearly communicate technical information and detection-related updates to management and stakeholders

Develop and operationalize advanced security analytics to detect and respond to sophisticated cyber threats in near real-time

Develop and implement detection feedback processes - e.g., tuning false positives, decommissioning, etc.

Ensure completeness and consistency regarding data quality of detections

Monitor the performance of security analytics and automation processes regularly, identifying areas for improvement and taking proactive measures to enhance their efficacy

Leverage Security Orchestration, Automation, and Response (SOAR) platforms to streamline and automate detection and incident response, including enrichment, containment, and remediation actions

Support the operationalization of new security detections, including building reference documentation, investigation guidelines, and tuning considerations

Stay informed about the latest cybersecurity threats, trends, and best practices

Actively participate in cybersecurity exercises, drills, and simulations to improve incident response understanding

Requirements

Candidates must possess a professional level certification in one of the following subject areas:

IDAM (ex: Microsoft Identity and Access Administrator Associate)

SIEM (ex: Splunk Power User)

Bachelor's degree in computer science, cybersecurity, information technology, or a related field (or equivalent work experience)

8+ years of experience supporting large-scale IT related projects

4+ years of experience supporting incident response in an enterprise-level Security Operations Center (SOC)

A deep understanding of cybersecurity principles, incident response methodologies, and a proactive mindset to ensure the SOC operates effectively in a high-pressure environment

Strong experience with security technologies including SIEM, IDS/IPS, EDR, and network monitoring tools

Experience with security focused cloud-native tooling such as Azure Sentinel and AWS GuardDuty

Experience with enterprise ticketing systems like ServiceNow

Excellent analytical and problem-solving skills

Ability to work independently and in a team environment to identify errors, pinpoint root causes, and devise solutions with minimal oversight

Ability to function in multiple capacities and learn quickly

Strong verbal and written communication skills

Other Information:

Work locations: Onsite Martinsburg, WV

Visual Connections, LLC offers a full benefits package including:

Full Medical, Dental, Prescription and Vision health care

11 Paid Holidays annually

Paid time off

Short Term, Long Term Disability and Life Insurance

Employee Assistance Program (EAP)

Training and Development opportunities including professional certification and educational reimbursement

Visual Connections, LLC provides employment opportunities for all employees and applicants in accordance with applicable federal, state and local laws. This policy applies to all terms and conditions of employment, including, but not limited to, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training.

We are a Service-Disabled, Veteran-Owned Small Business; and a Certified Maryland Business Enterprise. We were established in 2007 to provide public and private sector clients with robust web-based applications, Health IT and Portfolio and Program Management services. We have proven ourselves to be valuable partners who can deliver both qualitative and quantitative results to our clients. Our versatile, efficient and experienced team has a stellar record of past performance, working with the Department of Defense (DoD), Department of Health and Human Services (DHHS), Veterans Health Administration (VHA), Centers for Medicare and Medicaid Services (CMS),Centers for Disease Control and Prevention (CDC) and, Blue Cross Blue Shield (BCBS). With an employee base well versed in different disciplines, we are able to deliver high quality customizable solutions. #J-18808-Ljbffr