Cyber Defense Operator

The Mission

This is not a typical cybersecurity role. As a Cyber Defense Operator supporting the 33rd Network Warfare Squadron at Lackland AFB, you will serve as the first layer of cybersecurity defense for Air Force networks across the globe - CONUS and OCONUS. This is mission-critical work protecting the USAF's most vital networks within 16th Air Force. If defending the nation's most important networks is what drives you, this is your opportunity.

Required Qualifications

• Active TS/SCI clearance
• GCFA Certification
• IAT Level 2 Certification
• SOC experience - incident response, network monitoring, and threat hunting
• SIEM experience - Splunk, DEVO, or ArcSight
• Intermediate knowledge of IDS/IPS systems used by the DoD, Services, and Agencies (AF, Navy, Army, DC3, DISA) or Federal Government
• Networking fundamentals - IP addressing, DNS, TCP/UDP, FTP, SMTP, HTTP, and OSI model
• Extensive knowledge of the MITRE ATT&CK framework and its application within the cybersecurity community

Nice to Have

• Cyber signature writing experience
• Coding experience
• Offensive or purple team experience

Responsibilities

• Review all IDS/IPS alerts per AFCERT Operating Instructions and checklists at the AOL, COOP, or Ops Floor
• Conduct host security monitoring, alert review, and intrusion detection analysis for the AFIN-SOC mission
• Monitor security sensors to analyze IDS and SIEM data, identify and correlate security events, and review logs to identify intrusions for remediation
• Correlate suspicious events with network events and data stored within databases and external DoD resources, including the Big Data Platform (BDP)
• Analyze traffic, logs, and events to determine the necessity for higher-level analysis and conduct initial assessments of intruder activity
• Document who, what, where, why, and when for any identified suspicious activity in the case management system (CMS)
• Conduct triage of suspicious activity alerts and logs to make fast and accurate triage decisions
• Enter event data into mission support systems in accordance with AFIN SOC operational procedures
• Escalate security incidents using established policies and procedures
• Generate end-of-mission reports (MISREPs) and provide pass-on information for crew knowledge transfer
• Provide computer security support to AF field units including 688 Cyber Wing Squadrons, Base Communications Squadrons, and Mission Defense Teams
• Conduct 24x7x365 near real-time network security monitoring and intrusion detection analysis with no more than a 1% error rate
• Develop, review, and maintain procedures related to the overall monitoring of hosts and systems
• Create and document metrics for reporting and analysis to improve alert triage processes and mission execution
• Provide OJT to other contractor employees, military, and civilian personnel and ensure continuity folders and working aids are kept current
• Execute approved scoping and response actions against compromised endpoints - accounts, registry configurations, files, processes, IP addresses, ports, and domains
• Analyze threat intelligence (TIPPERs) including IoCs, TTPs, vulnerabilities, and actionable intelligence mapped to the MITRE ATT&CK framework
• Comply with third-party MOU/MOA monitoring and reporting requirements
• Participate in planning, briefing, and debriefing tasks as directed by the CDO Mission Lead or Crew Commander
• Maintain currency on the latest industry trends and provide operational reports and assessments for TTP development
• Provide monthly performance metrics including readiness, qualifications, events processed, CAT events, and incidents identified

Why TEKsystems

TEKsystems is one of the most recognized names in technology staffing and services, with a track record of connecting top talent to mission-critical work across the DoD and federal government. We invest in our people - offering a competitive benefits package and a team that genuinely takes care of its own.

Why the 33rd NWS

The 33rd Network Warfare Squadron is one of the most highly visible and well-known cyber units in San Antonio. You will be working on the cutting edge of DoD cyber operations, supporting mission-critical environments that directly impact national security. This program is fully funded and in its 2nd option year with 3 years remaining before recompete - that's stability you can count on.
This team also believes in developing its people. Approximately 40% of contractors on this program have been promoted within their first year. Growth paths exist into roles including cyber signature writing, coding, and offensive/purple team operations - with some positions reaching $135K.
Onsite hands-on training is available through a 3-week program, so you'll have the support you need to hit the ground running.

Why San Antonio

San Antonio is Cyber City USA - home to more DoD cybersecurity jobs than any other city in the country. Combined with one of the lowest costs of living in Texas, it's one of the best cities in the nation to build a long-term career in cyber.
Experience Level
Entry Level
Job Type & Location
This is a Contract position based out of san antonio, TX.
Pay and Benefits
The pay range for this position is $40.00 - $55.00/hr.
Eligibility requirements apply to some benefits and may depend on your job classification and length of employment. Benefits are subject to change and may be subject to specific elections, plan, or program terms. If eligible, the benefits available for this temporary role may include the following:
Medical, dental & vision
Critical Illness, Accident, and Hospital
401(k) Retirement Plan - Pre-tax and Roth post-tax contributions available
Life Insurance (Voluntary Life & AD&D for the employee and dependents)
Short and long-term disability
Health Spending Account (HSA)
Transportation benefits
Employee Assistance Program
Time Off/Leave (PTO, Vacation or Sick Leave)
Workplace Type
This is a fully onsite position in san antonio,TX.
Application Deadline
This position is anticipated to close on Apr 14, 2026.
>About TEKsystems:
We're partners in transformation. We help clients activate ideas and solutions to take advantage of a new world of opportunity. We are a team of 80,000 strong, working with over 6,000 clients, including 80% of the Fortune 500, across North America, Europe and Asia. As an industry leader in Full-Stack Technology Services, Talent Services, and real-world application, we work with progressive leaders to drive change. That's the power of true partnership. TEKsystems is an Allegis Group company.

The company is an equal opportunity employer and will consider all applications without regards to race, sex, age, color, religion, national origin, veteran status, disability, sexual orientation, gender identity, genetic information or any characteristic protected by law.

About TEKsystems and TEKsystems Global Services

We're a leading provider of business and technology services. We accelerate business transformation for our customers. Our expertise in strategy, design, execution and operations unlocks business value through a range of solutions. We're a team of 80,000 strong, working with over 6,000 customers, including 80% of the Fortune 500 across North America, Europe and Asia, who partner with us for our scale, full-stack capabilities and speed. We're strategic thinkers, hands-on collaborators, helping customers capitalize on change and master the momentum of technology. We're building tomorrow by delivering business outcomes and making positive impacts in our global communities. TEKsystems and TEKsystems Global Services are Allegis Group companies. Learn more at TEKsystems.com.

The company is an equal opportunity employer and will consider all applications without regard to race, sex, age, color, religion, national origin, veteran status, disability, sexual orientation, gender identity, genetic information or any characteristic protected by law.