Security Analyst (Mid-level)

Dark Wolf Solutions is seeking a Mid-Level Security Analyst to support the Unified Platform Cyber Operations & Security Center (COSC) in San Antonio, TX. The Security Analyst will play a critical role in monitoring, triaging, and responding to cybersecurity incidents across multi-tenant, cloud-native, and hybrid environments.This position requires strong hands-on experience with security operations center (SOC) workflows, threat detection, log analysis, vulnerability management, and proactive cyber defense techniques. The Security Analyst will work collaboratively with senior cybersecurity staff and engineering teams to protect and sustain platform operations.

Key Responsibilities

• Monitor and triage security alerts from SIEM platforms and other security tooling to detect malicious activity, vulnerabilities, and system anomalies.
• Analyze logs, network traffic, and endpoint telemetry to identify and investigate suspicious behavior.
• Assist in incident response activities including initial triage, containment actions, evidence collection, and incident documentation.
• Support vulnerability scanning activities; review findings and collaborate with teams on mitigation strategies.
• Contribute to threat hunting efforts by identifying anomalous behaviors, potential threats, and areas for enhanced visibility.
• Maintain and update incident tracking and case management systems.
• Assist with tuning SIEM detection rules and optimizing alert fidelity.
• Support the development and maintenance of cybersecurity procedures, incident playbooks, and knowledge bases.
• Participate in continuous improvement efforts to enhance COSC detection, monitoring, and response capabilities.
• Provide operational security reporting and assist in preparing situational awareness briefings.

Basic Qualifications

• Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field, or equivalent industry experience.
• Minimum of 3–5 years of experience in cybersecurity operations, incident response, threat detection, or SOC analysis.
• Hands-on experience working with SIEM platforms (e.g., Elastic Stack, Splunk, LogRhythm).
• Familiarity with IDS/IPS systems, endpoint protection, vulnerability management tools, and network security monitoring.
• Strong analytical skills with the ability to investigate, troubleshoot, and document security incidents.
• Solid understanding of cybersecurity principles, malware behavior, and adversary TTPs.
• Strong written and verbal communication skills.
• US Citizenship required with an active Secret clearance and eligibility for Top Secret/SCI.

Desired Qualifications

• Security certifications such as Security+, CySA+, GCIA, GCIH, or equivalent.
• Familiarity with threat intelligence platforms, incident case management systems, or automated security response frameworks.
• Experience in supporting Department of Defense cybersecurity environments.
• Familiarity with RMF, NIST 800-53 security controls, and vulnerability management frameworks.
• Experience using scripting languages such as Python or PowerShell for basic security automation tasks.

The estimated salary range is $105,000.00 - $130,000.00, commensurate on experience, technical expertise, certifications, and clearance level.

Primary work location is San Antonio, TX. Hybrid model with a mix of remote and on-site support; on-site presence required for classified system activities.

We are proud to be an EEO/AA employer Minorities/Women/Veterans/Disabled and other protected categories.
 
 In compliance with federal law, all persons hired will be required to verify identity and eligibility to work in the United States and to complete the required employment eligibility verification form upon hire.