1

Cyber Security Operations Jobs in Virginia (NOW HIRING)

Cybersecurity Analyst (CDAP) - Senior

Fairfax, VA · On-site

$99K - $128K/yr

This position supports Task 3 - Cybersecurity Operations Support, contributing to a comprehensive and proactive cybersecurity program that defends ARNG classified and unclassified network ...

Senior Cybersecurity Manager

Herndon, VA · On-site

$140K - $180K/yr

This role provides strategic and operational leadership to ensure the confidentiality, integrity, and availability of systems supporting TSA's mission. The role integrates cybersecurity across on ...

This position supports Task 3 - Cybersecurity Operations Support - by assisting with the design and evaluation of cybersecurity architectures for mission systems and enterprise environments across ...

next page

Showing results 1-20

Cyber Security Operations information

See Virginia salary details

$56.5K

$131.8K

$184.4K

How much do cyber security operations jobs pay per year?

As of Jul 2, 2026, the average yearly pay for cyber security operations in Virginia is $131,822.00, according to ZipRecruiter salary data. Most workers in this role earn between $110,000.00 and $148,700.00 per year, depending on experience, location, and employer.

What are some common challenges faced by professionals in Cyber Security Operations, and how can they be addressed?

Professionals in Cyber Security Operations often face challenges such as rapidly evolving threats, high-pressure incident response situations, and the need to balance proactive monitoring with reactive mitigation. Staying current with the latest cyberattack techniques and security tools is essential, as is maintaining effective communication within cross-functional teams. Addressing these challenges involves continuous learning, participating in threat intelligence sharing, and fostering a culture of collaboration and knowledge-sharing within the organization.

What is Cyber Security Operations?

Cyber Security Operations refers to the processes, teams, and technologies involved in monitoring, detecting, analyzing, and responding to security threats in an organization's digital environment. Professionals in this field work to protect networks, systems, and data from cyberattacks by continuously assessing vulnerabilities and implementing security measures. Their responsibilities often include incident response, threat intelligence, and ensuring compliance with security policies. Cyber Security Operations centers (SOCs) are often established to centralize and manage these activities effectively.

What are the key skills and qualifications needed to thrive in Cyber Security Operations, and why are they important?

To thrive in Cyber Security Operations, you need expertise in network security, incident response, threat analysis, and a relevant degree or industry certifications like CISSP or CEH. Familiarity with security information and event management (SIEM) tools, firewalls, intrusion detection systems, and malware analysis platforms is essential. Strong problem-solving skills, attention to detail, and effective communication help professionals respond quickly and collaborate with stakeholders. These skills are critical for protecting organizational assets, minimizing cyber risks, and ensuring operational resilience against evolving threats.

What is the difference between Cyber Security Operations vs Cyber Security Analyst?

AspectCyber Security OperationsCyber Security Analyst
CertificationsCompTIA Security+, CISSP, CEHCompTIA Security+, CISSP, CEH
Work EnvironmentSecurity operations centers, monitoring teamsAnalysis teams, incident response
Employer & Industry UsageOrganizations with dedicated security teamsOrganizations analyzing threats and vulnerabilities

Cyber Security Operations focuses on managing and monitoring security systems, incident response, and maintaining security infrastructure. Cyber Security Analysts primarily analyze security data, identify threats, and recommend improvements. While both roles require similar certifications and often work in overlapping environments, Operations roles are more hands-on with security tools, whereas Analysts focus on threat analysis and reporting.

What are popular job titles related to Cyber Security Operations jobs in Virginia? For Cyber Security Operations jobs in Virginia, the most frequently searched job titles are:
Cybersecurity Analyst (CDAP) - Senior

Cybersecurity Analyst (CDAP) - Senior

ECS

Fairfax, VA • On-site

$99K - $128K/yr

Full-time

This job post has expired today. Applications are no longer accepted.


Job description

Position Summary
ECS is seeking a Cybersecurity Analyst (CDAP) - Senior to support the Army National Guard (ARNG) Enterprise Network Operations and Cybersecurity Support (ENOCS) program. This position supports Task 3 - Cybersecurity Operations Support, contributing to a comprehensive and proactive cybersecurity program that defends ARNG classified and unclassified network environments and enables Defensive Cyberspace Operations - Internal Defensive Measures (DCO-IDM) across the DoDIN-Army-NG area of responsibility. The Cybersecurity Analyst (CDAP) performs monitoring and analysis of security telemetry within CDAP, conducts alert triage and log analysis, documents findings, supports remediation tracking, and assists with dashboard updates and detection tuning in coordination with SOC and defensive cyber personnel.
In this role, the analyst helps protect mission-critical enterprise services supporting more than 120,000 users and approximately 141,000 endpoints across roughly 2,800 sites in 54 states and territories. The position operates within the ARNG cyber mission supporting Title 10 and Title 32 operations, mobilization readiness, domestic emergency response, and both classified SIPRNet and unclassified environments. The role aligns with ENOCS cybersecurity operations that leverage integrated SIEM/C2C/DLP analytics, USIEM data sources, MITRE ATT&CK-based analytics, and coordination with the NETCOM Global Cyber Center and DISA DCDC to strengthen continuous monitoring, threat detection, and ARNG cybersecurity policy compliance.
Please Note: This position is contingent upon contract award.
Responsibilities
  • Monitor and analyze CDAP security telemetry to identify potential threats, anomalous activity, and security misconfigurations affecting ARNG classified and unclassified network environments.
  • Perform alert triage, log review, and basic correlation using established analytic rules to support Task 3 cybersecurity operations and continuous monitoring objectives.
  • Document investigative findings, maintain clear records of observed conditions, and support remediation tracking in coordination with SOC and defensive cyber personnel.
  • Assist with dashboard updates to improve visibility into cyber conditions, incident trends, and operational status across the DoDIN-Army-NG area of responsibility.
  • Support detection tuning under senior oversight to improve the quality and relevance of cyber alerts and monitoring outputs within CDAP.
  • Contribute to monitoring activities that align with integrated SIEM/C2C/DLP analytics and USIEM-enabled visibility used to centralize threat detection and response.
  • Apply established analytic approaches that support MITRE ATT&CK-based detection and analysis methods used across ENOCS cybersecurity operations.
  • Coordinate with cybersecurity operations stakeholders supporting 24x7x365 monitoring, incident escalation, and defensive actions in concert with broader SOC processes.
  • Support cybersecurity activities performed in coordination with the NETCOM Global Cyber Center and DISA DCDC to help maintain ARNG cyber freedom of action and policy compliance.

Required Qualifications
U.S. Citizenship is required
Security Clearance: Secret Eligible
Required Certifications: DCWF Work Role 511-Cyber Defense Analyst - Basic proficiency; must hold ONE OR MORE of the following: CC, CEH, GFACT, GISF
Experience: 3+ years of experience in cybersecurity
  • Experience monitoring security events, alerts, and logs to identify suspicious activity, misconfigurations, or indicators requiring further analysis.
  • Experience documenting findings and maintaining remediation or follow-up actions with accuracy and attention to detail.
  • Familiarity with continuous monitoring activities supporting DoD and ARNG cybersecurity policy compliance.
  • Ability to support dashboard maintenance and reporting used to communicate cybersecurity status and trends.
  • Experience working with SOC or defensive cyber personnel in an operational cybersecurity environment.
  • Familiarity with security telemetry analysis and rule-based alert correlation.
  • Ability to support cybersecurity operations across both classified and unclassified environments.
  • Familiarity with MITRE ATT&CK-based analytic methods and SIEM-driven monitoring concepts referenced in the ENOCS environment.