Sentar is dedicated to developing the critical talent that the connected world demands to create solutions to address the convergence of cybersecurity, intelligence, analytics, and systems engineering. We invite you to join the small business team where you can build, innovate, and secure your career.
The Cyber Operations Center (CyOC) Analyst plays a critical role in cyber vulnerability analysis, continuous monitoring, and SIEM-based threat detection for the Defense Health Agency (DHA) Cyber Operations Center (CyOC). This role is responsible for identifying, analyzing, and mitigating cybersecurity threats using SIEM platforms, cyber threat intelligence feeds, and vulnerability management tools. The analyst will support DHA’s mission-critical healthcare IT infrastructure by leveraging advanced analytics, real-time monitoring, and risk assessment methodologies to protect the Medical Community of Interest (Med-COI).
As a key member of the CyOC team, the analyst will manage security event data, perform correlation analysis on cyber incidents, track IAVM compliance, and ensure threat intelligence integration across DHA’s cybersecurity ecosystem. This position demands strong SIEM expertise, vulnerability scanning experience, and a proactive approach to cyber defense.
Key Responsibilities
Cybersecurity Monitoring, SIEM Operations & Threat Analysis
Monitor SIEM dashboards (e.g., Splunk, Elastic, ArcSight) to detect, analyze, and respond to cybersecurity incidents.
Conduct log correlation, forensic analysis, and anomaly detection using Splunk, HBSS, and centralized logging platforms.
Develop custom Splunk SIEM queries and detection rules for advanced persistent threats (APTs), insider threats, and unauthorized network activity.
Perform cyber threat intelligence (CTI) correlation by ingesting USCYBERCOM advisories, OSINT indicators of compromise (IoCs), and SIGACT data into SIEM tools.
Lead automated alert tuning and SIEM rule refinement to reduce false positives and enhance threat detection accuracy.
Perform incident correlation analysis, supporting CSSP threat hunt teams and forensic investigations.

Cyber Vulnerability Management & Risk Analysis
Utilize Assured Compliance Assessment Solution (ACAS) to conduct vulnerability scans, analyze scan results, and track remediation efforts.
Perform continuous monitoring (ConMon) assessments to identify misconfigurations, compliance deviations, and risk areas.
Track, analyze, and report on IAVM compliance, POA&Ms, and system risk ratings for DHA networks and Med-COI assets.
Assess DHA’s cyber exposure, identifying high-risk vulnerabilities and prioritizing remediation efforts based on DoD risk scoring frameworks (CMRS, VRAM, NIST 800-40).
Develop cyber risk analytics reports, identifying trends, attack surface shifts, and emerging threat vectors.
Ensure integration of cyber vulnerability data with SIEM dashboards, enabling real-time risk visualization and automated threat prioritization.

Incident Coordination & Response
Triage and investigate security incidents identified in SIEM platforms, working with incident response (IR) and forensic teams to contain threats.
Facilitate incident documentation and escalation procedures, ensuring compliance with JFHQ-DoDIN and USCYBERCOM reporting requirements.
Coordinate remediation actions with affected system owners, ensuring adherence to DoD incident handling and mitigation protocols.
Support real-time cyber threat response operations, correlating SIEM alerts with vulnerability data and network logs to validate attack scenarios.

Cybersecurity Reporting & Compliance
Develop and deliver daily, weekly, and monthly cybersecurity risk reports to DHA leadership and interagency partners.
Track and report cyber compliance metrics, ensuring alignment with DoD directives, DISA CCRI requirements, and JFHQ-DoDIN scoring.
Maintain and enhance automated SIEM-based compliance dashboards, integrating ConMon, IAVM, and incident management metrics.
Assist in security control validation and audit preparations, ensuring DHA systems meet DoDI 8530.01, RMF, and NIST 800-53 standards.

Interagency Coordination & Information Management
Serve as a liaison between CyOC, USCYBERCOM, JFHQ-DoDIN, and VA CSOC to share real-time cyber event data and intelligence.
Manage the flow and lifecycle of cybersecurity advisories, alerts, and tactical orders, ensuring DHA stakeholders receive timely updates.
Support cross-functional collaboration between vulnerability management, SIEM analysts, threat hunters, and incident response teams.
Lead working groups focused on cyber analytics, detection engineering, and proactive threat hunting.

Qualifications:
Clearance Level: Active Secret Clearance required (TS/SCI preferred).
Certifications: Active IAT Level II certification or higher (Security+ CE, CySA+, CCNA Security, GSEC, or equivalent); CISSP, CASP+, or CISM preferred.
Experience:
Minimum of 10 years of experience in cybersecurity operations, SIEM management, vulnerability analysis, or cyber threat intelligence (or 10+ years without a technical degree).
Hands-on expertise in SIEM platforms, with strong proficiency in Splunk, Elastic SIEM, ArcSight, or similar platforms.
Experience with continuous monitoring (ConMon), vulnerability management, and risk assessment frameworks (IAVM, CMRS, VRAM, NIST 800-40, RMF).
Proficiency in cybersecurity tools such as HBSS, ACAS, Splunk, VRAM, CMRS, and DISA compliance monitoring platforms.
Understanding of DoD cybersecurity frameworks, including DoDI 8530.01, NIST 800-53, and JFHQ-DoDIN incident response protocols.

Benefits at Sentar:
In addition to a great culture, Sentar not only fosters an inclusive work environment but also offers an extensive benefits package designed to cater to the well-being of its employees and their families.
Voluntary Medical, Dental, Vision, with Health Savings or Flexible Spending Plan options
Voluntary Life, Critical Illness, Accident, and Long Term Care insurance options
Group Term Life, Short-Term and Long-Term Disability is provided by Sentar to all qualifying employees
Generous 401(k) match
Competitive PTO plan that graduates quickly with years of service
Other leave programs; holiday schedule along with bereavement, jury and military duty
Mental health awareness programs
Tuition reimbursement
Professional development reimbursement
Recognition and Awards programs

If you are not ready to apply for this position, submit your resume here to join our talent community. We'll keep you updated occasionally on new job opportunities.
Sentar is an Affirmative Action and Equal Opportunity Employer M/F/Vets/Persons with Disabilities
Our culture is one of inclusivity and support. Sentar is proudly an Equal Opportunity and VEVRAA Federal Contractor Employer M/F/Vets/Persons with Disabilities. Follow these links to learn more about your rights: EEO Is the Law Poster; EEO Is Law Supplement; and Pay Transparency.
We want you to build your career at Sentar, so if you are an individual with a disability and require a reasonable workplace accommodation when applying for a job or at any point in the employment process, contact the Recruiting Manager at recruiting@sentar.com. Please indicate the specifics of the assistance needed. Thank you for considering Sentar in your employment search.
Build, Innovate, Secure Your Career at Sentar.