Zachary Piper Solutions is seeking a proactive and detail-oriented Cyber Operations Analyst to join our team. In this role, you will serve as the primary escalation point for security alerts, incidents, and threat investigations. You will analyze, contain, and remediate security events, working closely with IT and business teams to protect our systems, data, and users.
As part of a small team, you will have the opportunity to own multiple aspects of the security operations lifecycle—from daily monitoring to process improvement—while helping to mature our cyber defense capabilities.

REQUIRED QUALIFICATIONS:

• Must be a U.S. Citizen with the ability to obtain and maintain a DoD Secret clearance
• 2–4 years of experience in incident response and network monitoring (cyber)
• Hands-on experience with SIEM, EDR, and network security tools.
• Strong understanding of threat actors, attack techniques (MITRE ATT&CK), and incident response best practices.
• Ability to analyze logs, packets, and system behavior to detect and investigate malicious activity.
• Excellent written and verbal communication skills.
• Experience in a small-team environment with cross-functional responsibilities.
• Familiarity with cloud security monitoring (AWS, Azure, or GCP).
• Industry certifications such as Security+, CySA+, GCIH, GCIA, or similar.
• Experience with automation scripting skills (Python, PowerShell, or Bash)

PREFERRED SKILL SET:

• Experience with Okta, Entra, and IGA products
• Analytical mindset with strong problem-solving skills.
• Adaptability to switch between monitoring, incident response, and project work.
• Collaboration across IT and business teams.
• Ownership of tasks from identification to resolution.

o Track remediation efforts to ensure vulnerabilities are addressed in a timely manner.

• Collaboration & Communicatio

• Threat Detection & Investigation
  o Monitor and triage alerts from SIEM, EDR, email security, and other monitoring tools.
  o Investigate escalated alerts from MSSP or automated detections.

o Perform threat hunting based on IOCs, suspicious activity, and threat intelligence.

• Incident Response

o Lead response for medium-to-high severity incidents.
o Conduct root cause analysis and document findings in post-incident reports.

o Coordinate with internal teams to contain and eradicate threats.

• Security Tool Management

o Tune and maintain SIEM, EDR, and other security platforms to improve detection fidelity.

o Develop custom detection rules, dashboards, and reports.

• Vulnerability & Risk Management

o Lead the lifecycle of vulnerability management, from scanning and analysis to remediation tracking.
o Validate and prioritize vulnerabilities based on their exploitability and potential impact to business operations.
o Work directly with IT teams to provide guidance and technical recommendations for patching and configuration changes.

o Track remediation efforts to ensure vulnerabilities are addressed in a timely manner.

• Collaboration & Communication

o Act as a liaison between security operations and IT/business units.
o Provide technical guidance to Tier 1 analysts.

o Communicate security findings and recommended actions to stakeholders in clear, non-technical language.

• Continuous Improvement

o Recommend and implement process and tooling enhancements.
o Maintain and refine incident response runbooks and escalation procedures.