
Cyber Defense Operator Jobs (NOW HIRING)

Cyber Defense Operator (CDO)

TX · On-site

$75K - $95K/yr

Cyber Defense Operator (CDO) - TS/SCI Level Clearance Required - Located in San Antonio, Texas. The ability of the Cyber Defense Operator (CDO) to complete its mission is dependent upon accurate ...

Helping the nation's cyber operators do their jobs better, faster, and at greater scale * Creating game-changing capabilities for defensive cyberspace operations As an interdisciplinary group, we ...

... operating system (OS) fingerprinting/other baselining activities - Assist in the construction of signatures which can be implemented on cyber defense network tools in response to new or observed ...


Experience with Agile or modern delivery and operating models. * Knowledge of privacy, regulatory, and compliance considerations impacting cyber defense. Work Requirements * This role requires ...

Knowledge of system administration, network, and operating system hardening techniques. * Knowledge ... Perform cyber defense trend analysis and reporting. * Perform initial, forensically sound ...


Cyber Defense Operator information

Salary range chart: $34K, $112.9K (average), $176K

How much do cyber defense operator jobs pay per year?

As of May 29, 2026, the average yearly pay for a cyber defense operator in the United States is $112,871.00, according to ZipRecruiter salary data. Most workers in this role earn between $91,500.00 and $130,000.00 per year, depending on experience, location, and employer.

What are the key skills and qualifications needed to thrive as a Cyber Defense Operator, and why are they important?

To thrive as a Cyber Defense Operator, you need expertise in network security, threat analysis, and incident response, often supported by a degree in cybersecurity or computer science and relevant certifications like CompTIA Security+ or CISSP. Familiarity with security information and event management (SIEM) tools, intrusion detection systems (IDS), and malware analysis platforms is typically required. Strong analytical thinking, attention to detail, and effective communication are crucial soft skills for this role. These skills and qualities are vital for detecting, mitigating, and communicating about cyber threats to protect organizational assets.

What are some common challenges a Cyber Defense Operator faces when responding to security incidents?

Cyber Defense Operators often navigate challenges such as rapidly evolving threats, incomplete or ambiguous data, and the need to coordinate with multiple teams under time pressure. Responding effectively requires balancing thorough investigation with swift action to contain threats and minimize damage. Clear communication with IT, management, and sometimes external stakeholders is essential, as is the ability to adapt to new attack vectors and technologies. Continual learning and staying updated on the latest threat intelligence are key to success in this dynamic environment.

What are Cyber Defense Operators?

Cyber Defense Operators are professionals responsible for protecting an organization’s digital infrastructure from cyber threats, such as hacking, malware, and unauthorized access. They monitor network activity, investigate security incidents, and implement measures to prevent cyberattacks. These specialists use various tools and techniques to detect vulnerabilities and respond quickly to security breaches, ensuring the safety and integrity of sensitive information. Cyber Defense Operators often work as part of a larger cybersecurity team and are essential for maintaining robust information security in today’s digital world.

What is the difference between Cyber Defense Operator vs Cyber Security Analyst?

| Aspect | Cyber Defense Operator | Cyber Security Analyst |
| --- | --- | --- |
| Certifications | CompTIA Security+, CEH, CISSP (preferred) | CompTIA Security+, CISSP, GIAC certifications |
| Work Environment | Operational security teams, SOCs, incident response centers | Security teams, risk management departments, consulting firms |
| Primary Focus | Monitoring, detecting, and responding to cyber threats in real-time | Analyzing security data, assessing vulnerabilities, developing security policies |

While both roles focus on cybersecurity, a Cyber Defense Operator primarily handles real-time threat detection and incident response, working within security operations centers. In contrast, a Cyber Security Analyst often focuses on analyzing security data, assessing risks, and developing security strategies. Both roles require similar certifications and work in related environments, but their day-to-day responsibilities differ in scope and focus.

More about Cyber Defense Operator jobs
Infographic showing various Cyber Defense Operator job openings in the United States as of May 2026, with employment types broken down into 92% Full Time, 4% Contract, and 4% Nights. Highlights a 94% Physical and 6% Remote job distribution, with an average salary of $112,871 per year, or $54.3 per hour.
Cyber Defense Operator (CDO)

IPSecure, Inc.

San Antonio, TX

$75K - $95K/yr

Full-time

Medical, Dental, Vision, Retirement, PTO

Posted 17 days ago


Job description

Cyber Defense Operator (CDO) - TS/SCI Level Clearance Required - Located in San Antonio, Texas
The ability of the Cyber Defense Operator (CDO) to complete its mission is dependent upon accurate, timely, and thorough event analysis in order to identify intruder or potential intruder activities utilizing host and network monitoring and system logs. The CDO shall correlate information gathered to provide effective methods to protect Air Force (AF) systems. Upon identification of suspicious activity on AF networks, open network intrusion investigation(s) to validate the unauthorized activity and determine the type and extent of activity.
Responsibilities
  • When CAT events are escalated to incident response, complete incident response process, including: preparation, identification and scoping, containment, eradication and remediation, recovery, and lessons learned.
  • Upon identification of suspicious activity on AF networks, open network intrusion investigation(s) to validate the unauthorized activity and determine the type and extent of activity.
  • Provide AF Office of Special Investigations (OSI) DCO technical support to law enforcement and counter‐intelligence agencies and activities if required.
  • Participate and contribute to lessons learned meetings and briefings.
  • Support planned and same‐day Incident Response deployments.
  • Comply with 3rd party MOU/MOA monitoring and reporting requirements.
  • Analyze host DCO events to determine the necessity for higher level analysis and conduct an initial assessment of type and extent of intruder activities.
  • Conduct cyber investigations in order to determine the initial vector and overall timeline of intrusion, accurately identify the threat, determine the full scope of impact, and develop containment and remediation actions for approval.
  • Author and review incident report forms (IRF) for security incidents within JEMS. Ensure the document is accurate and provides the correct amount of technical detail needed. (CDRL A008)
  • Generate end of mission reports (MISREPS) and provide pass‐on information for knowledge transfer to subsequent crews of analysts on duty regarding the latest suspicious traffic seen from a given port, Internet Protocol (IP), etc. with no more than a 5% error rate.
  • Provide computer security‐related support to AF field units as directed by CCC, in countering vulnerabilities, minimizing risk, and improving the security posture of AF computers networks and systems within the scope of AFIN SOC operational requirements and mission execution.
  • Participate in planning, briefing, and debriefing tasks as directed by CDO Mission Lead or Crew Commander.
  • Provide feedback on detection mechanisms that are both true and false positive events to ESM and Content Development as applicable.
  • Design incident response plans (IRP) as directed by the Crew Commander. Ensure CDOs are briefed on objectives, ROEs, plans, contingencies, and applicable TTPs.
  • Accomplish assigned weapon system access, ORM, Go/No Go, reports, TTP updates, and TAR submissions.
Basic Qualifications
  • Active TS/SCI Level Clearance.
  • Active IAT Level II Cert (ex: CompTIA Security+)
  • Ability to obtain the CSSP Incident Responder certification (GCFA) within 120 days of hire date.
Preferred Qualifications
  • 3+ years of relevant technical, cyber security, and business work experience
Benefits
Medical, Dental, Vision, Unlimited Vacation, Sick Leave, Paid Federal Holidays, Education and Certification Reimbursement Program, 401(k) retirement plan with safe harbor employer match after 3 months, Prepaid legal plan and ID protection plan available, Accident Insurance, Critical Illness Insurance, and Hospital Indemnity Insurance available.
EEOC Statement
IPSecure does not discriminate based on race, color, religion, sex, sexual orientation, gender identity, national origin, disability or status as a protected veteran.