Demo

Cyber Defense Operator

Viranim Technical Solutions
San Antonio, TX Full Time
POSTED ON 4/1/2026
AVAILABLE BEFORE 3/30/2031

Cyber Defense Operator

Location: San Antonio, TX

Clearance: Active Top Secret with SCI Eligibility (Required)

Certification Required: Active CompTIA Security

Position Overview

The Cyber Defense Operator provides mission-critical support to the Air Force Cyber Emergency Response Team (AFCERT) by executing Defensive Cyberspace Operations (DCO) in defense of United States Air Force networks and supported Combatant Commands.

This role is essential to protecting Air Force information systems by identifying, analyzing, and mitigating cyber threats in near real-time. AFCERT operates in a high-tempo 24/7/365 environment with zero tolerance for error, requiring exceptional attention to detail, precision, and responsiveness.

Mission Objectives

Cyber Defense Operators support AFCERT in delivering cyberspace defense capabilities that:

  • Protect and defend Air Force Networks (AFNet)
  • Detect, analyze, and respond to cyber threats and intrusions
  • Ensure mission assurance for Air Force and supported Combatant Commands
  • Execute network defense operations across NIPRNet and SIPRNet

Key Responsibilities

Defensive Cyberspace Operations (DCO)

Plan, implement, and execute AFCERT-directed defensive cyberspace operations, including:

  • Continuous monitoring and analysis of network traffic, alerts, and events
  • Operation and analysis of Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS)
  • Detection and mitigation of malicious or anomalous activity
  • Incident response, containment, and remediation actions

Cyber Monitoring & Analysis

  • Perform near real-time monitoring of security events across Air Force systems
  • Review and analyze IDS/IPS alerts, SIEM data, and system logs
  • Correlate network activity with intelligence sources to identify threats
  • Conduct initial assessments of intrusions including scope, impact, and threat type

Incident Response & Threat Mitigation

  • Perform rapid alert triage and determine appropriate response actions
  • Isolate, contain, and mitigate cyber threats on Air Force networks
  • Execute approved response actions across systems, endpoints, and network components
  • Escalate incidents in accordance with established procedures

Event Documentation & Reporting

  • Accurately document incidents (who, what, where, when, and why)
  • Maintain case records in mission systems for follow-up and investigation
  • Generate Mission Reports (MISREPs) and deliver shift turnover briefings
  • Track and report performance metrics including incident volume and response effectiveness

Threat Intelligence & Analysis

  • Analyze threat intelligence and map adversary activity to frameworks such as MITRE ATT&CK
  • Provide feedback to improve detection accuracy and reduce false positives

Training & Continuous Improvement

  • Provide on-the-job training (OJT) to team members
  • Maintain continuity documentation and operational aids
  • Develop and refine tactics, techniques, and procedures (TTPs)
  • Recommend improvements to processes, tools, and systems

Mission Operations & Coordination

  • Support mission leads and crew commanders with execution and prioritization
  • Participate in mission planning, briefings, and debriefings
  • Maintain situational awareness and report anomalies impacting mission readiness

Facility & Security Support

  • Conduct periodic physical security checks of operational areas
  • Initiate emergency procedures when required
  • Report facility or operational anomalies to leadership

DCO Functional Area Support

Operators may support one or more of the following areas:

  • Network Detection & Monitoring
  • Incident Response & Forensics
  • Signature Management
  • Weapons & Tactics Development
  • Content Development
  • Training & Curriculum Development
  • Standards & Evaluations
  • Host-Based Detection
  • Operational Processes & PEX Management
  • Continuity of Operations (COOP)

Required Qualifications

  • Active Top Secret clearance with SCI eligibility
  • CompTIA Security certification
  • Experience in cyber defense, network security, or Security Operations Center (SOC) environments
  • Working knowledge of: IDS/IPS systems, SIEM platforms, network protocols and traffic analysis
  • Strong analytical, problem-solving, and decision-making skills
  • Ability to operate effectively in a high-tempo, mission-critical environment

Preferred Qualifications

  • Familiarity with DoD cyber operations
  • Experience supporting Air Force network environments

Salary.com Estimation for Cyber Defense Operator in San Antonio, TX
$82,854 to $105,551
If your compensation planning software is too rigid to deploy winning incentive strategies, it’s time to find an adaptable solution. Compensation Planning
Enhance your organization's compensation strategy with salary data sets that HR and team managers can use to pay your staff right. Surveys & Data Sets

What is the career path for a Cyber Defense Operator?

Sign up to receive alerts about other jobs on the Cyber Defense Operator career path by checking the boxes next to the positions that interest you.
Income Estimation: 
$125,027 - $157,872
Income Estimation: 
$149,432 - $188,965
Income Estimation: 
$87,466 - $114,731
Income Estimation: 
$114,790 - $146,930
Income Estimation: 
$115,647 - $153,495
Employees: Get a Salary Increase
View Core, Job Family, and Industry Job Skills and Competency Data for more than 15,000 Job Titles Skills Library

Not the job you're looking for? Here are some other Cyber Defense Operator jobs in the San Antonio, TX area that may be a better fit.

Cyber Defense Operator (CDO)
Apply
  • SMS Data Products Group, Inc. San Antonio, TX
  • The Cyber Defense Operator (CDO) supports the Air Force Computer Emergency Response Team (AFCERT) mission by providing continuous, near real-time network s... more
  • 8 Days Ago
Cyber Defense Operator
Apply
  • Jobs via Dice San Antonio, TX
  • Cyber Defense Operations Analyst Location: On-site at Lackland, AFB Clearance Required: Active TS/SCI Experience Level: Junior Level (with relevant technic... more
  • 24 Days Ago
View More Jobs

AI Assistant is available now!

Feel free to start your new journey!