Why choose between doing meaningful work and having a fulfilling life? At MITRE, you can have both. That's because MITRE people are committed to tackling our nation's toughest challenges—and we're committed to the long-term well-being of our employees. MITRE is different from most technology companies. We are a not-for-profit corporation chartered to work for the public interest, with no commercial conflicts to influence what we do. The R&D centers we operate for the government create lasting impact in fields as diverse as cybersecurity, healthcare, aviation, defense, and enterprise transformation. We're making a difference every day—working for a safer, healthier, and more secure nation and world. Our workplace reflects our values. We offer competitive benefits, exceptional professional development opportunities for career growth, and a culture of innovation that embraces adaptability, collaboration, technical excellence, and people in partnership. If this sounds like the choice you want to make, then choose MITRE - and make a difference with us. MITRE’s Information Security department seeks an Operations Analyst to respond to and investigate cyber security incidents within the organization. This position offers a challenging opportunity to be exposed to a diverse set of security disciplines, including incident response, forensics, reverse engineering, malware analysis, intrusion detection, network security, and system security. MITRE has long been a source of cyber security innovation and continues to seek dedicated and talented individuals. Roles & Responsibilities: + Respond to security alerts, investigate for signs of compromise and react accordingly. + Track and document security events and incidents in a ticketing system. + Analyze log data for signs of malicious activity in a SIEM. + Develop new analytics and apply mitigations for adversary Tactics, Techniques, and Procedures (TTPs). + Automate workflows in a SOAR tool. + Hunt for undetected indicators of compromise. + Develop new ways to use existing data to identify malicious activity. + Perform Incident Response actions such as forensics, memory analysis, etc. Basic Qualifications: + Typically requires a minimum of 5 years of related experience with a Bachelor’s degree; or 3 years and a Master’s degree; or a PhD with relevant experience who can immediately contribute at this job step; or equivalent combination of related education and work experience. + Must be detail oriented and able to consistently follow incident investigation process. + Must have good analytical, written, verbal, and interpersonal communication skills. + Must be able to work well as part of a team and be self-motivated to work on individual projects. + Must have prior experience with cloud monitoring and response or analytic development in at least one major cloud provider’s environment (AWS, Azure, or GCP) + Must have prior hands-on experience analyzing and responding to cyber events, including network, endpoint, server and cloud. + Must have prior hands-on experience with threat hunting. + This position requires a minimum of 50% hybrid on-site. Preferred Qualifications: + Applied knowledge of Cyber Security concepts. + Familiarity with Linux, Mac, and Windows Operating Systems. + An in-depth understanding of TCP/IP network protocols and application layer protocols (e.g., HTTP, SMTP, DNS, etc.). + Experience analyzing adversary tactics, techniques, and procedures (TTPs) and developing defenses and/or detections for them. + Scripting experience, preferably with Python. + Experience with Splunk or Elastic Search. + Hands-on cloud incident response experience. + Works well independently and with the team. + Technical leadership skills. + Solves complex problems. + Adaptability to new tools, architectures, and policies. + Prior experience with network, host, and memory forensics. This requisition requires the candidate to have a minimum of the following clearance(s): None This requisition requires the hired candidate to have or obtain, within one year from the date of hire, the following clearance(s): Secret Work Location Type: Hybrid MITRE is proud to be an equal opportunity employer. MITRE recruits, employs, trains, compensates, and promotes regardless of age; ancestry; color; family medical or genetic information; gender identity and expression; marital, military, or veteran status; national and ethnic origin; physical or mental disability; political affiliation; pregnancy; race; religion; sex; sexual orientation; and any other protected characteristics. For further information please visit the Equal Employment Opportunity Commission website EEO is the Law Poster (https://www.eeoc.gov/sites/default/files/2022-10/22-088\_EEOC\_KnowYourRights\_10\_20.pdf) and Pay Transparency (https://www.dol.gov/sites/dolgov/files/OFCCP/pdf/pay-transp\_%20English\_formattedESQA508c.pdf) . MITRE intends to maintain a website that is fully accessible to all individuals. If you are unable to search or apply for jobs and would like to request a reasonable accommodation for any part of MITRE’s employment process, please email recruitinghelp@mitre.org . Copyright © 2025, The MITRE Corporation. All rights reserved. MITRE is a registered trademark of The MITRE Corporation. Material on this site may be copied and distributed with permission only. Benefits information may be found here (https://careers.mitre.org/us/en/benefits)