New

Senior Cyber Security Analyst

Hexagon US Federal
paid holidays, tuition reimbursement, 401(k)
United States, Alabama, Huntsville
301 Cochran Road Southwest (Show on map)
Apr 11, 2026
Company Overview Hexagon US Federal is a proxy-governed subsidiary of Hexagon AB providing an ever expanding portfolio of Hexagon Technologies to U.S. Federal Government organizations, including defense and intelligence agencies to meet a variety of mission requirements. With our unique capabilities and experience we transform state-of-the-art commercial technology into mission-specific solutions for our customers, partnering with them to solve their most challenging problems. Quick Hits Employees: 200 Operating Locations: Chantilly, VA (HQ); Huntsville, AL; Lanham , MD, and other client sites across the US We are seeking a Senior Cyber Security Analyst in Huntsville, AL. We are seeking a highly capable Senior Cyber Security Analyst who will support the security operation center as part of a distributed enterprise IT team. This role requires a strong technical foundation across hybrid on-premises and cloud infrastructure, a high degree of responsibility, IT security disciplines, and the ability to operate in a fast-paced, compliance-driven environment. Lead and execute advanced security monitoring, incident response, threat hunting, and risk-reduction activities to protect company assets, systems, and information data. Coordinate with cross-functional teams to improve security posture across enterprise. Key Responsibilities: Security monitoring & detection: Design, tuning, maintain IDS/IPS, SIEM, EDR, and log collection pipelines to detect advanced threats. Incident Response: Establish and implement an operational incident-handling capability for organizational systems, encompassing preparation, detection, forensic collection, analysis, containment, eradication, recovery, user response, and post-incident root-cause analysis. Track and document incidents, produce reports and recommendations, notify relevant authorities, and conduct tests of the organization's incident response capability. Threat hunting & intelligence: Proactively hunt for threats across networks, endpoints, cloud, and applications using threat intelligence, YARA rules, KQL queries, and custom tooling. Vulnerability management: Coordinate regular vulnerability scanning, assess risk, prioritize remediation, and validate fixes. Risk assessment & remediation: Conduct risk assessments, threat modeling, and security reviews for systems, applications, and projects; propose mitigations and track remediation. Security architecture & controls: Advise on secure design and configuration for onpremises infrastructure and cloud (Azure/AWS), network, identity, and application layers; implement security controls and hardening. Automation & tooling: Develop automation (playbooks, SOAR, scripts) to streamline detection, response, and reporting. Compliance & governance: Support audits and regulatory compliance programs (e.g., CMMC, NIST 800-171, DFARS 7012) by providing evidence, mapping controls, and remediation tracking. Metrics & reporting: Define and report key security metrics (MTTD, MTTR, incident counts, vulnerability trends); brief technical and executive stakeholders. Collaboration: Work with Enterprise IT, DevOps, HR, legal, and business units to integrate security into product/programs, change management, and release processes. Competencies and Traits: Strong problem-solving and investigative mindset. Calm under pressure with decisive incident leadership. Ability to translate technical findings into business risk terms. Proactive, continuous learner who keeps up with threat landscape. What we are expecting from you (i.e. the qualifications you must have): 12+ years of hands-on experience in security operations, incident response, threat hunting, or related roles. Strong knowledge of SIEM or logging platform (e.g., Splunk, Elastic, Sentinel), EDR (e.g., CrowdStrike, Microsoft Defender), and network security tooling. Experience with hybrid on-premises/cloud security environments using AWS/Azure and securing physical systems, virtual machines, and containers. Proficiency with one or more scripting languages (Bash, Python, PowerShell, or Perl) and building detection queries. Solid understanding of TCP/IP, DNS, HTTP, SSL/TLS, authentication protocols (OAuth, SAML), and common attack vectors. Solid understanding of MITRE ATT&CK framework/Cyber Kill Chain. Familiar with vulnerability scanning tools (Tenable/Nessus, Qualys), and remediation reporting workflows. Familiarity with FedRAMP controls and cloud security frameworks (AWS, Azure, or hybrid on-premises/multi-cloud environments). Incident response and digital forensics experience. Excellent analytical, communication, and stakeholder management skills. Bachelor's degree in Computer Science, Information Security, Cybersecurity, or 7 years equivalent relevant experience (or relevant certifications). Knowledge of DISA STIGS, CIS benchmarks, STIG Viewer, and SCAP Compliance Checker. Preferred Qualifications: Certifications: Security+, CySA+, CEH, CASP+/SecurityX, CISSP, or equivalent. Experience with SOAR platforms (Palo Alto Networks, Splunk, Elastic). Familiarity with compliance frameworks (CMMC, NIST 800-171, NIST 800-53, DFARS). Prior experience in a SOC, MSSP, or large enterprise environment. Clearance: None Expected Travel: 5-10% Work Environment: Work is performed primarily in a professional office environment, subject to typical conditions. Physical and Mental Demands: The physical and mental demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodation may be made to enable individuals with disabilities to perform these functions. Ability to remain in a stationary position and operate a computer for extended periods. Occasional ability to move or transport items up to 25 pounds. Communicate effectively in English (verbal, written) and possess visual and auditory acuity for tasks and safety. Manage multiple tasks, prioritize, and maintain focus in dynamic environments. Demonstrate strong problem-solving, critical thinking, and analytical skills. Maintain consistent attendance, punctuality, and high professional standards. What we will provide in return: - Competitive health care plans with savings accounts - Dental and vision plans - 401k with 100% company match up to 6%, with immediate vesting on company match - Life and disability insurance - Learning Management System with robust offerings - Tuition Reimbursement Program - Flexible working arrangements where possible - 13 paid holidays per year - Veterans' focused Employee Resources Group with regular educational sessions and communications - Leadership Development Program with multiple learning options Hexagon US Federal is an Equal Employment Opportunity Employer. We comply with all applicable federal anti-discrimination laws and provide reasonable accommodations for qualified individuals with disabilities and disabled veterans in its job application procedures. If you have any difficulty using our online system and need an accommodation due to a disability, you may use the following email address, hr@hexagonusfederal.com and/or phone number (703) 264-5600 to contact us about your interest in employment with Hexagon US Federal. All qualified applicants will receive consideration for employment without regard to protected veteran status, disability status, or any other protected class covered by federal, state, or local law. Hexagon US Federal participates in E-Verify. At Hexagon US Federal, we prioritize a secure and thorough hiring process. Be aware that we will never extend an employment offer without a careful review and interview process, and all official communications from our representatives will come from a verified Hexagon US Federal email address, never requesting upfront fees or sensitive information.