Cyber Defense Contractor Jobs (NOW HIRING)

Cyber Analyst - MID

Fort George G Meade, MD · On-site

$70K - $105K/yr

Perform cyber analysis in support of intelligence, operational, and defensive cyberspace missions ... Contractor-provided training and certification upkeep (unless Government-directed) * Ability to ...

Cyber Analyst - MID

Fort George G Meade, MD · Hybrid

$70K - $105K/yr

Perform cyber analysis in support of intelligence, operational, and defensive cyberspace missions ... Contractor-provided training and certification upkeep (unless Government-directed) * Ability to ...

Cyber Defense Contractor information

$44.5K

$107.5K

$151K

How much do cyber defense contractor jobs pay per year?

As of Jun 19, 2026, the average yearly pay for a cyber defense contractor in the United States is $107,522.00, according to ZipRecruiter salary data. Most workers in this role earn between $91,500.00 and $126,500.00 per year, depending on experience, location, and employer.

What are some common challenges faced by Cyber Defense Contractors when working with multiple clients?

Cyber Defense Contractors often juggle the unique security requirements and protocols of different clients, which can be challenging when each organization uses distinct technologies and risk management approaches. Navigating varied compliance standards, staying current with evolving threats, and ensuring clear communication between internal and client teams are also key hurdles. Adaptability, strong organizational skills, and a proactive approach to learning are essential to successfully manage these challenges and deliver effective security solutions.

What is a Cyber Defense Contractor?

A Cyber Defense Contractor is a professional or organization hired to protect a company's or government agency's digital infrastructure from cyber threats. Their responsibilities include assessing vulnerabilities, implementing cybersecurity measures, monitoring networks for suspicious activity, and responding to cyberattacks. These contractors often work on a project or contract basis for public or private sector clients, and may specialize in areas like network security, incident response, or risk assessment. Due to the sensitive nature of their work, they often require security clearances and must stay updated on the latest threats and technologies.

What are the key skills and qualifications needed to thrive as a Cyber Defense Contractor, and why are they important?

To thrive as a Cyber Defense Contractor, you need in-depth knowledge of cybersecurity principles, risk assessment, and incident response, usually supported by a degree in computer science or cybersecurity and relevant industry certifications like CISSP or CEH. Expertise in tools such as SIEM platforms, intrusion detection systems, and vulnerability scanners is typically required. Strong analytical thinking, attention to detail, and effective communication set top performers apart in this role. These skills and qualities are vital for proactively protecting critical assets, swiftly managing threats, and ensuring clear coordination within security teams.

What is the difference between Cyber Defense Contractor vs Cyber Security Analyst?

Aspect | Cyber Defense Contractor | Cyber Security Analyst
Credentials | Certifications like CISSP, CEH, Security+ | Certifications like Security+, CISSP, GIAC
Work Environment | Contract-based, often on-site or remote for clients | Full-time, in-house or remote within organizations
Employer & Industry | Consulting firms, government agencies, private companies | Corporations, government agencies, financial institutions
Search & Comparison Intent | Contract roles, cybersecurity consulting | Security monitoring, incident response

While both roles focus on cybersecurity, a Cyber Defense Contractor typically works on short-term projects providing specialized defense services for clients, whereas a Cyber Security Analyst is a full-time employee responsible for ongoing security monitoring and incident response within an organization.

More about Cyber Defense Contractor jobs
Infographic showing various Cyber Defense Contractor job openings in the United States as of June 2026, with employment types broken down into 1% Locum Tenens, 1% As Needed, 95% Full Time, 1% Part Time, 1% Temporary, and 1% Contract. Highlights a 92% Physical, 3% Hybrid, and 5% Remote job distribution, with an average salary of $107,522 per year, or $51.7 per hour.

Cyber Defense Operator (Intermediate)

Bristol Bay Native Corporation

San Antonio, TX • On-site

$90K - $116K/yr

Full-time

Medical, Dental, Vision, Life, Retirement, PTO

Posted 18 days ago


Job description

STS Systems Defense, LLC (SSD) is a government consulting and contracting firm supporting federal agencies and military installations across the U.S. We are seeking a Cyber Defense Operator (Intermediate) to support our ongoing mission at Lackland Air Force Base in San Antonio, TX.
What You'll Do:
  • Review all IDS/IPS alerts per AFCERT Operating Instruction (OI) and checklists at the AOL, COOP, or Ops Floor. Conduct host security monitoring, alert review, and intrusion detection analysis for the AFIN-SOC mission.
  • Develop, review, and maintain procedures related to the overall monitoring of hosts/systems.
  • Comply with 3rd party MOU/MOA monitoring and reporting requirements. Analyze host DCO events to determine the necessity for higher level analysis and conduct an initial assessment of type and extent of intruder activities. (CDRL A002)
  • Monitor security sensors to analyze Intrusion Detection Systems (IDS) and Security Information and Event Management (SIEM) to identify and correlate security issues/events and review logs to identify intrusions for remediation. Correlate suspicious events with network events, if possible, and data stored within databases and other external DoD resources, including but not limited to Big Data Platform (BDP).
  • Analyze traffic/logs/events to determine the necessity for higher level analysis and conduct an initial assessment of type and extent of intruder activities.
  • Record who, what, where, why and when for any identified suspicious activity in case management system (CMS) case to enable additional investigations. (CDRL A008)
  • Conduct triage of suspicious activity alerts and logs in order to make a fast and accurate triage decision. (CDRL A008)
  • Enter event data into mission support systems in accordance with AFIN SOC operational procedures and reports. (CDRL A008)
  • Provide monthly performance metrics including but not limited to: readiness, qualifications, events processed, CAT events and incidents identified. (CDRL A005)
  • Escalate security incidents using established policies and procedures.
  • Generate end of mission reports (MISREPS) and provide pass-on information for knowledge transfer to subsequent crews of analysts on duty regarding the latest suspicious traffic seen from a given port, Internet Protocol (IP), etc. with no more than a 5% error rate.
  • Provide computer security-related support to AF field units (examples: 688 Cyber Wing Squadrons, Base Communications Squadrons, Mission Defense Teams), as directed by CCC, in countering vulnerabilities, minimizing risk, and improving the security posture of AF computer networks and systems within the scope of AFIN SOC operational requirements and mission execution.
  • Provide focused DCO tailored analysis and monitoring operations of specified sensor locations during contingency operations and in support of named DCO operations and exercises.
  • Conduct 24x7x365 near real-time network security monitoring and intrusion detection analysis for the networks and systems monitored using AF's selected IDS/IPS capabilities with no more than a 1% error rate. (CDRL A005)
  • Provide OJT to other contractor employees, military, and/or civilian personnel, and ensure continuity folders/working aids are updated as needed through the approved documentation system, in order to ensure efficient transition when personnel rotate.
  • Create and document metrics for reporting and analysis to improve alert triage processes and mission execution. (CDRL A009)
  • Provide requested information to operational leadership as it relates to mission execution.
  • Conduct intake of administrative and operational communication from external agencies and route the communication to the Mission Lead/Crew Commander.
  • Perform security checks every four hours to verify external doors are properly closed and no suspicious activity is taking place around the facility. If suspicious activity is observed or suspected, contact and inform the Crew Commander.
  • Initiate emergency checklists due to imminent threat, as directed by Crew Commander. Call emergency responders (Security Forces/Fire Department etc.) if needed via 911. The Crew Commander is responsible for all official reporting.
  • Inform Crew Commander for all anomalies to include, but not limited to: utility outages, flooding, sick/missing members, or any other irregularity with the potential to adversely impact the mission.
  • Maintain currency on latest industry trends and provide operational reports/assessments for development of tactics, techniques, and procedures. (CDRL A002)
  • Provide feedback on detection mechanisms that are both true and false positive events to ESM and Content Development as applicable.
  • Participate in planning, briefing, and debriefing tasks as directed by CDO Mission Lead or Crew Commander.
  • Accomplish assigned weapon system access, ORM, Go/No Go, reports, TTP updates and TAR submissions.
  • Execute approved scoping actions. Find endpoints matching target: accounts, registry configurations, files, processes, IP addresses, ports, domains, or other correlating data to determine extent of compromises.
  • Execute approved response actions against target: accounts, registry configurations, files, processes, IP addresses, ports, domains, or other system components to contain compromises.
  • Analyze threat intelligence (TIPPERS) as directed by CDO Mission Lead or Crew Commander to include contextual information, IoCs, TTPs, vulnerabilities, effects, and actionable intelligence about threats mapped to the MITRE threat framework.
  • Work with CDO Mission Lead for prioritization and assignment of tasks.
  • Provide CDO Mission Lead support, notify CDOs of Crew Commander prioritized tasks, tracking all required mission systems and functions.

What You Bring:
Requirements:
  • DoDD 8570.01-M/8140.01 IAT Level I CND
  • Active TS/SCI
  • GCFA Certification (GIAC Certified Forensic Analyst)
  • Intermediate knowledge with one or more of the IDS/IPS systems currently in use by the Department of Defense (DoD), Services, and Agencies (i.e., AF, Navy, Army, DC3, DISA) or Federal Government and intermediate experience in the following areas: IP addressing and domain name service; network components; Transmission Control Protocol (TCP)/User Datagram Protocol (UDP), File Transfer Protocol (FTP), Simple Mail Transfer Protocol (SMTP), and Hypertext Transfer Protocol (HTTP); and understand the network Open Systems Interconnection (OSI) model. Extensive knowledge of MITRE ATT&CK framework, and its uses within the cybersecurity community (e.g., Open Source projects)

What We Offer:
STS Systems Defense, LLC (SSD) offers a competitive benefits package to include paid holidays, paid time off including sick and vacation leave, medical, dental and vision insurance, flexible spending accounts, short and long term disability, company paid life insurance, 401(k) with a company match and discretionary profit sharing and tuition reimbursement.
SSD is an Equal Opportunity Employer. Employment decisions are made without regard to any protected category. Hiring preference will be given to BBNC shareholders, their spouses and descendants and Alaska Natives in accordance with Public Law 93-638