About theta.

theta. is a. SBA-Certified 8(a) & HUBZone digital integration and management firm based in Baltimore, MD, working to create a world where tech works for everybody. Our mission is to bridge the gap between the intersection of innovation & technology and practical applications that serve the public interest.

We specialize in delivering software, services, and tools that enhance efficiency, security, and accessibility in government operations. Our commitment to be of service, be passionate, and be different drives us to deliver projects that make a significant impact.

Position Overview

We’re seeking a Sr. Cyber Defense Analyst to join our team, supporting the Department of Veterans Affairs’ Cybersecurity Operations Center (CSOC).

In this role, you’ll serve as a technical leader in detection engineering and automation, building, tuning, and operationalizing advanced cybersecurity analytics that defend national systems serving veterans and the public.

You’ll lead initiatives that integrate data across SIEM, SOAR, and EDR platforms, craft custom detections using Splunk SPL and KQL, and apply the MITRE ATT&CK framework to identify and mitigate adversary behaviors.

As a senior member of the SOC, you’ll mentor analysts, drive automation improvements, and collaborate across threat intel, forensics, and engineering teams to evolve VA’s cyber defense posture.

Key Responsibilities:

• Engineer and tune detections across Splunk, Microsoft Sentinel, Defender for Endpoint, and other monitoring tools to detect advanced threats in real time.
• Design and implement detection logic, map activity to MITRE ATT&CK, and reduce false positives through feedback loops and automated correlation.
• Leverage SOAR platforms to automate enrichment, containment, and remediation workflows for high-priority threats.
• Onboard and operationalize new data sources, ensuring data quality, completeness, and performance consistency.
  
• Apply machine learning and pattern analysis techniques to identify anomalies and improve detection accuracy.
• Lead detection optimization efforts across cloud, SaaS, identity, and networking environments.
• Collaborate with cross-functional teams (IR, Forensics, Threat Intel, IT, and Network Engineering) to align threat detection with enterprise operations.
• Participate in cybersecurity exercises, simulations, and continuous improvement of analytics and automation processes.

Basic Qualifications:

• Bachelor’s degree in Computer Science, Cybersecurity, Information Technology, or related discipline —or equivalent practical experience.
  
• 8+ years of experience supporting large-scale IT or cybersecurity programs, including 4+ years in enterprise SOC or IR environments.
• Deep understanding of security analytics, detection engineering, and incident response methodologies.
  
• Proficiency with SIEM, IDS/IPS, EDR, and SOAR platforms (e.g., Splunk, Microsoft Sentinel, Defender for Endpoint).
  
• Experience mapping detections to MITRE ATT&CK and tuning detections for high signal fidelity.
• Strong scripting or query development skills (SPL, KQL, or Python).
• Excellent written and verbal communication skills.
• U.S. Citizenship required.
• Must be able to meet any other requirements for government contracts for which they are hired (e.g., must reside in the U.S., Security Clearances)
• Some of our clients may occasionally request or require travel. If this concerns you, we encourage you to apply and discuss it with us at your initial interview.

Preferred Qualifications

• SANS certifications such as GCFE, GCIH, GNFA, or equivalent level are strongly preferred.
  
• Experience operationalizing detections in cloud-native security tooling (Azure Sentinel, AWS GuardDuty, Google Chronicle).
  
• Familiarity with machine learning models and behavioral analytics for anomaly detection.
  
• Experience developing and implementing feedback processes for continuous tuning and performance improvement.

Why Join theta.?:

• Collaborate with a talented and passionate team committed to making a difference.
• Work on impactful projects that directly contribute to the efficiency and effectiveness of our country's operations.
• Enjoy a supportive and inclusive work environment that fosters growth and development.
• Benefit from a competitive compensation package, including comprehensive health benefits, retirement plans, and flexible work arrangements.

If you are a mission-driven Cyber Defense Analyst eager to design, automate, and lead next-generation detection strategies that protect critical government systems, we encourage you to apply and join our team at theta.

Salary Range: $120,000 - $150,000 (DOE and project-specific details)