$100K - 140K a year
Monitor and respond to security alerts, lead incident response, manage vulnerabilities, tune security tools, and collaborate with IT and MSSP teams.
4+ years in security operations with hands-on SIEM/EDR experience, security certifications, scripting skills, cloud security knowledge, and a related bachelor's degree.
Note: This is a remote position open to candidates in the USA.

BigBear.ai is a leading provider of AI-powered decision intelligence solutions for national security, supply chain management, and digital identity. They are seeking a highly skilled Cybersecurity Operations Analyst to safeguard their digital assets through threat analysis, incident response, and the implementation of security measures against cyber threats.

Responsibilities
• Monitor and triage alerts from SIEM, EDR, email security, and other monitoring tools
• Investigate escalated alerts from the MSSP or from automated detections
• Perform threat hunting based on IOCs, suspicious activity, and threat intelligence
• Lead response for medium-to-high severity incidents
• Conduct root cause analysis and document findings in post-incident reports
• Coordinate with internal teams to contain and eradicate threats
• Tune and maintain SIEM, EDR, and other security platforms to improve detection fidelity
• Develop custom detection rules, dashboards, and reports
• Lead the vulnerability management lifecycle, from scanning and analysis to remediation tracking
• Validate and prioritize vulnerabilities based on their exploitability and potential impact on business operations
• Work directly with IT teams to provide guidance and technical recommendations for patching and configuration changes
• Track remediation efforts to ensure vulnerabilities are addressed in a timely manner
• Act as a liaison between security operations and IT/business units
• Provide technical guidance to Tier 1 analysts
• Communicate security findings and recommended actions to stakeholders in clear, non-technical language
• Recommend and implement process and tooling enhancements
• Maintain and refine incident response runbooks and escalation procedures

Skills
• 4+ years of experience in security operations and incident response
• Hands-on experience with SIEM, EDR, and network security tools
• Strong understanding of threat actors, attack techniques (MITRE ATT&CK), and incident response best practices
• Ability to analyze logs, packets, and system behavior to detect and investigate malicious activity
• Excellent written and verbal communication skills
• Experience in a small-team environment with cross-functional responsibilities
• Familiarity with cloud security monitoring (AWS, Azure, or GCP)
• Industry certifications such as Security+, CySA+, GCIH, GCIA, or similar
• Scripting skills (Python, PowerShell, or Bash) for automation
• Experience working with software development teams
• Experience collaborating with an MSSP
• Experience collaborating with the IT GRC team, working with and maturing controls
• IAM experience with Okta, Entra, and IGA products (SailPoint)
• Experience with password management products, including rolling out offerings to teams and departments

Education Requirements
• Bachelor's degree in a related field

Company Overview
• BigBear.ai's mission is to deliver clarity for the world's most complex decisions. It was founded in 2020 and is headquartered in Fairfax, Virginia, USA, with a workforce of 501-1000 employees. Its website is https://www.bigbear.ai.
This job posting was last updated on 10/9/2025