Intrusion Detection Analyst Jobs (NOW HIRING)

Sentar is seeking a Cybersecurity Analyst - Operations Watch Analyst (Tier 1-3) in Hawaii! Role Description: The Operations Watch Analyst serves as a critical member of the Cybersecurity Operations team, responsible for identifying, investigating, reporting, and mitigating cyber incidents across diverse network environments. This role ensures timely detection, analysis, and response to security events in accordance with Chairman of the Joint Chiefs of Staff Manual (CJCSM) 6510.01B and other applicable Department of Defense (DoD) directives.

The analyst will assess the severity of incidents, document findings, and coordinate appropriate response actions with stakeholders across the DoD Information Network (DoDIN). * Maintain a thorough working knowledge of CJCSM 6510.01B and ensure compliance with related policies and procedures. * Develop, maintain, and continuously improve Standard Operating Procedures (SOPs) for operational watch functions.

* Conduct proactive network intrusion detection, monitoring, correlation, and analysis to identify potential threats. * Validate and assess suspicious events to determine if they meet incident criteria, ensuring accurate and timely entry into designated reporting systems. * Coordinate with Joint Force Headquarters-DoDIN (JFHQ-DoDIN) and supported organizations to ensure appropriate analysis, reporting, and escalation of significant incidents.

* Provide 24/7 incident response coverage, including after-hours and surge support as mission needs dictate. * Perform network and host-based digital forensics across Microsoft Windows and other operating systems to support incident analysis and remediation. * Analyze full packet captures (PCAP) using tools such as Wireshark and other network forensic utilities.

* Correlate system and network activity using Splunk and other log aggregation tools to detect anomalies and potential intrusions. * Develop, tune, and implement Intrusion Detection/Prevention System (IDS/IPS) signatures to enhance detection accuracy and minimize false positives. * Participate in program reviews, product assessments, and on-site certification evaluations to strengthen cyber defense posture.

* Support a rotating shift schedule (4x10-hour workdays), including at least one weekend day. * Work collaboratively in a high-tempo, mission-focused environment requiring flexibility and occasional overtime for surge operations. Key Responsibilities (By Tier) Tier 1 * Monitor network and host-based systems for suspicious activity using approved tools and SOPs.

* Validate security events and escalate potential incidents to Tier 2 analysts per CJCSM 6510.01B. * Enter and maintain accurate incident data in designated reporting systems. * Assist with incident documentation and tracking under supervision.

* Perform basic log correlation using tools such as Splunk, Elastic, or Sentinel. * Support 24/7 watch operations and shift turnovers across multiple ROCs. Tier 2 * Analyze and respond to validated security incidents, determining severity and operational impact.

* Coordinate incident response activities with internal teams, reporting agencies, and subscriber sites. * Perform network and host-based digital forensics on Windows, Linux, and other operating systems. * Conduct log correlation and deeper analysis to identify trends and patterns.

* Update and maintain SOPs to ensure compliance with CJCSM 6510.01B. * Support IDS/IPS tuning and signature implementation. Tier 3 * Lead complex incident response efforts, including analysis, mitigation, and reporting.

* Manage and oversee incident response campaigns and multi-team coordination. * Conduct proactive threat hunting and advanced investigations. * Lead purple team exercises to improve detection and response capabilities.

* Evaluate and refine IDS/IPS signatures, detection logic, and correlation rules. * Perform advanced digital forensics and mentor junior analysts. * Support program reviews, product evaluations, and certification assessments.

Clearance Level: * Secret with upgrade to TS required Education/ Experience: * Bachelor's degree in Cybersecurity, Information Technology, or a related field; or a minimum of three years of directly relevant experience, preferably within a DoD or federal cybersecurity environment. * Willingness to travel up to 15% globally, including short-notice (72-hour) deployments in support of incident response operations. Certifications: * Must hold an IAT Level II (Tier 1 and 2) or IAT Level III (Tier 3) certification (per DoD 8570.01-M) and PWS certification requirements in accordance with DoD cybersecurity workforce requirements.

* CND certification Preferred: * Five or more years of cybersecurity incident response experience. * Strong knowledge of incident response procedures, packet analysis, IDS/IPS technologies, and host-based security tools. * Proficiency in log correlation and analysis using tools such as Splunk, Elastic, or equivalent platforms.

* Familiarity with digital forensics tools and methodologies. * Demonstrated ability to analyze complex issues, think critically, and operate independently under pressure. * Excellent written and verbal communication skills to support operational reporting and coordination.

* In-depth understanding of CJCSM 6510.01B reporting requirements. * Prior experience in DoD environments. * Experience conducting digital forensics and malware analysis.

Benefits at Sentar: Our unique ownership model attracts top talent, giving employees the freedom to take initiative and drive meaningful improvements. In addition to cultivating a thriving and inclusive work environment, Sentar offers an extensive benefits package designed to support the well-being of employees and their families. Employee ownership is the foundation of our culture, promoting participation, teamwork, and accountability while ensuring long-term financial security and a commitment to excellence.

* Voluntary Medical, Dental, Vision, with Health Savings or Flexible Spending Plan options * Voluntary Life, Critical Illness, Accident, and Long Term Care insurance options * Group Term Life, Short-Term and Long-Term Disability is provided by Sentar to all qualifying employees * Generous 401(k) match * Competitive PTO plan that graduates quickly with years of service * Other leave programs; holiday schedule along with bereavement, maternity, jury and military duty * Mental health awareness programs * Tuition reimbursement * Professional development reimbursement * Recognition and Awards programs If you are not ready to apply for this position, submit your resume here to join our talent community We'll keep you updated occasionally on new job opportunities. Sentar is an Affirmative Action and Equal Opportunity Employer M/F/Vets/Persons with Disabilities Our culture is one of inclusivity and support. Sentar is proudly an Equal Opportunity and VEVRAA Federal Contractor Employer M/F/Vets/Persons with Disabilities.

Follow these links to learn more about your rights: EEO Is the Law Poster ; EEO Is Law Supplement ; and Pay Transparency . We want you to build your career at Sentar, so if you are an individual with a disability and require a reasonable workplace accommodation applying for a job or at any point in the employment process, contact the Recruiting Manager at . Please indicate the specifics of the assistance needed.

Thank you for considering Sentar in your employment search. Build, Innovate, Secure Your Career at Sentar.