Cybersecurity Operations Analyst
Intuitive Machines · Houston, TX · 3 mo ago
Information TechnologyFull-time
Responsibilities
- Monitor and analyze security alerts, investigate potential threats, and escalate issues as appropriate
- Perform troubleshooting, log analysis, and endpoint forensics using tools such as CrowdStrike Falcon, Wiz, and Tenable
- Support incident response activities, including documentation, communication, and coordination during security events
- Deploy, configure, and maintain endpoint security solutions, including EDR platforms
- Maintain endpoint compliance and investigate agent health or coverage issues
- Utilize security tools to support investigations and response efforts
- Review firewall logs to identify anomalies or potential security concerns
- Conduct periodic firewall policy reviews to ensure alignment with least-privilege principles
- Collaborate with network engineering on firewall-related issues and updates
- Maintain documentation of firewall rules, changes, and baselines
- Participate in post-incident reviews and document lessons learned to improve processes
- Aid in maintaining and refining operational procedures and runbooks
- Contribute to compliance reporting and documentation aligned with NIST 800-171/CMMC
- Identify opportunities to improve security processes and coverage
- Participate in tabletop exercises and security drills
- Work with IT and engineering teams to support remediation of vulnerabilities and security findings
- Contribute to risk management efforts by documenting and communicating security issues
- Stay current on cybersecurity threats, vulnerabilities, and best practices
Requirements
- Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or related field (or equivalent experience)
- 8+ years of experience in cybersecurity operations, incident response, or related roles
- Experience with endpoint protection platforms (e.g., CrowdStrike Falcon, Microsoft Defender, or similar)
- Understanding of cloud security concepts (e.g., AWS security services, Wiz, or similar tools)
- Familiarity with SIEM tools, log analysis, and security event monitoring
- Working knowledge of NIST 800-171, CMMC, or similar cybersecurity frameworks
- DoD 8570 IAT Level II certification (e.g., Security+, CySA+, or equivalent), or ability to obtain within a defined timeframe
- Relevant certifications such as CySA+, GCIH, or CEH
- Experience in aerospace, defense, or other regulated environments
- Exposure to scripting or automation (PowerShell, Python)
- Familiarity with threat hunting or digital forensics concepts
- Strong communication skills and ability to collaborate across teams
Preferred Requirements
- Experience in aerospace, defense, or other regulated environments
- Exposure to scripting or automation (PowerShell, Python)
- Familiarity with threat hunting or digital forensics concepts
- Strong communication skills and ability to collaborate across teams