Cyber Security Operations Analyst
@ BigBear.ai

Hybrid
Full Time
Posted 15 days ago

Job Details

Overview

BigBear.ai is seeking a highly skilled and motivated Cyber Security Operations Analyst to safeguard digital assets and ensure the security of our innovative solutions. Join our dynamic cybersecurity team to perform threat analysis, incident response, and implement security measures.

What you will do

Threat Detection & Investigation:

  • Monitor and triage alerts from SIEM, EDR, email security, and other tools.
  • Investigate escalated alerts from MSSP or automated detections.
  • Perform threat hunting using IOCs, suspicious activity, and threat intelligence.

Incident Response:

  • Lead response for medium-to-high severity incidents.
  • Conduct root cause analysis and document findings in post-incident reports.
  • Coordinate with internal teams to contain and eradicate threats.

Security Tool Management:

  • Tune and maintain SIEM, EDR, and other security platforms.
  • Develop custom detection rules, dashboards, and reports.

Vulnerability & Risk Management:

  • Manage the lifecycle of vulnerability scanning, analysis, and remediation.
  • Validate and prioritize vulnerabilities based on risk and impact.
  • Collaborate with IT teams on patching and configuration changes.

Collaboration & Communication:

  • Act as a liaison between security operations and IT/business units.
  • Provide technical guidance to Tier 1 analysts.
  • Communicate findings and recommendations in clear language.

Continuous Improvement:

  • Recommend and implement process and tooling enhancements.
  • Maintain and refine incident response runbooks and escalation procedures.

What you need to have

  • 2–4 years of experience in security operations or incident response.
  • Hands-on experience with SIEM, EDR, and network security tools.
  • Strong understanding of threat actors, MITRE ATT&CK, and incident response best practices.
  • Ability to analyze logs, packets, and system behavior.
  • Excellent communication skills.

What we'd like you to have

  • Experience in a small-team environment with cross-functional responsibilities.
  • Familiarity with cloud security monitoring (AWS, Azure, or GCP).
  • Industry certifications: Security+, CySA+, GCIH, GCIA, etc.
  • Scripting skills (Python, PowerShell, or Bash) for automation.

About BigBear.ai

BigBear.ai is a leading provider of AI-powered decision intelligence solutions for national security, supply chain management, and digital identity. Headquartered in McLean, Virginia, BigBear.ai is a public company traded on the NYSE under the symbol BBAI. For more information, visit bigbear.ai and follow them on LinkedIn (@BigBear.ai) and X (@BigBearai).

BigBear.ai is an Equal Opportunity Employer.

Key skills/competencies

  • Cybersecurity
  • Threat Analysis
  • Incident Response
  • SIEM
  • EDR
  • Vulnerability Management
  • Risk Assessment
  • Cloud Security
  • Scripting
  • Collaboration

How to Get Hired at BigBear.ai

🎯 Tips for Getting Hired

  • Research BigBear.ai's culture: Study mission, values, reviews, and latest news.
  • Customize your resume: Highlight cybersecurity operations and incident experience.
  • Showcase certifications: Emphasize Security+, CySA+, and similar credentials.
  • Prepare for technical questions: Review SIEM, EDR and threat detection techniques.

📝 Interview Preparation Advice

Technical Preparation

  • Review SIEM and EDR configurations.
  • Practice threat hunting techniques.
  • Study incident response runbooks.
  • Strengthen scripting in Python or PowerShell.

Behavioral Questions

  • Describe teamwork during an incident.
  • Explain handling high-pressure situations.
  • Discuss communication with technical teams.
  • Share problem-solving under stress.
