Jobs at Sistema Technologies Inc.


Network Security Analyst 0056A

San Antonio, TX
Network Security Analyst - Solicitation# 37100056A
Texas Cyber Command (TXCC)
 
  • Perform advanced incident response across Windows and Linux environments, including triage, containment, eradication, and recovery.
  • Conduct host-based forensics, including log analysis, memory capture, file system review, and malware behavior analysis.
  • Serve as Incident Commander during cybersecurity events, coordinating actions, documenting decisions, and communicating with leadership and affected agencies.
  • Analyze adversary Tactics, Techniques, and Procedures (TTPs) and map findings to MITRE ATT&CK.
  • Review and validate alerts from SIEM, IDS/IPS, EDR, and network monitoring tools.
  • Produce incident reports, timelines, and executive summaries for statewide stakeholders.
  • Support multi-agency response operations, including SLTT partners and critical infrastructure entities.
  • Provide recommendations for detection improvements, hardening, and long-term mitigation.
  • Participate in post-incident reviews, lessons learned, and playbook updates.
  • Maintain readiness for 24x7 response through on-call rotation or surge support.
Candidate must be a U.S. citizen, pass required background checks, complete required cybersecurity, privacy, and operational training before gaining system access, and comply with TXCC security and data-handling requirements. Occasional after-hours support may be required with TXCC approval. Work must be performed from within the United States unless TXCC grants prior written approval.
The working position is Hybrid - On Site and Telework.
 
Minimum Requirements: Candidates that do not meet or exceed the minimum stated requirements (skills/experience) will be displayed to customers but may not be chosen for this opportunity.
| Actual Years Experience | Years Experience Needed | Required/Preferred | Skills/Experience |
|---|---|---|---|
| | 5 | Required | Advanced host‑based forensics across Windows and Linux, including memory, disk, and malware analysis, using telemetry from NetWitness, Gravwell, Google SecOps, and Corelight to validate findings and reconstruct attacker activity. |
| | 5 | Required | Ability to correlate host, network, and intelligence data from CrowdStrike, SentinelOne, Microsoft Sentinel, Corelight, and NetWitness to build complete incident timelines. |
| | 5 | Required | Experience producing high‑quality incident reports and executive summaries using evidence collected from Gravwell, NetWitness, Corelight, and case management workflows. |
| | 4 | Required | Strong understanding of adversary TTPs, intrusion kill chains, and threat hunting methodologies using packet‑level and log‑level data from, but not limited to, Corelight, NetWitness, and CRIBL pipelines. |
| | 3 | Required | Incident Commander experience |
| | 1 | Required | Experience supporting SLTT or critical infrastructure environments, including multi‑tenant IR operations and cross‑agency coordination. |
| | 5 | Preferred | Proficiency with threat intelligence platforms, including Recorded Future, ThreatMon, GreyNoise, Google Threat Intelligence, VirusTotal, and Mandiant, to enrich investigations, validate indicators, and map activity to MITRE ATT&CK. |
| | 5 | Preferred | Hands‑on experience using Cyware CSAP for incident orchestration, automated enrichment, case creation, and workflow execution across SIEM, IPS, EDR, and ticketing systems. |
| | 4 | Preferred | Security Certifications Preferred (CISSP, CIH, Sec+) |



I need Three References

 
Reference Name (Required):  
Title (Optional)  
Company Name (Required):  
Phone Number (Required include area code):  
E-mail address (Optional):  
Professional Relationship (Optional):  
     
Peer / Co-Worker / Supervisor / Customer / End-User / Subordinate
 

 
