Cyber Investigation Analyst - OTA

This is a contingent position based upon customer approval.

SkyePoint Decisions is seeking a Cyber Investigation Analyst to support the Diplomatic Security Cyber Mission (DSCM) program providing leading cyber and technology security experience to enable innovative, effective, and secure business processes. 

This position is located in Arlington, VA and will be onsite 5 days a week. No hybrid/telework allowed. 

Responsibilities:

• Support the Cyber Threat Investigations & Analysis Division (CTAD) in conducting end-to-end insider threat and cyber investigations leveraging User Activity Monitoring (UAM) tools and data.
• Collect, analyze, and interpret log data to detect anomalous user behavior, policy violations, and potential insider threats across enterprise systems.
• Develop and refine detection rules, alerts, and behavioral baselines to improve threat detection capabilities.
• Conduct forensic analysis of user activity logs, endpoint telemetry, and network data to support investigations and produce actionable intelligence.
• Communicate complex investigative findings to both technical and non-technical stakeholders, including senior management.
• Collaborate with legal, HR, and security teams to ensure investigations are conducted in accordance with applicable laws, policies, and Department guidelines.
• Author detailed investigation reports, bulletins, and advisories documenting findings.
• Promote awareness of insider threat indicators and UAM best practices among customer stakeholders, coworkers, and Department users.
• Respond to escalated security incidents and provide expert guidance on user activity-related threat vectors.
• Conduct all aspects of case management for active inquiries to include case documentation, investigative records, digital artifacts, SharePoint repositories, and data storage management.
• Provide guidance and mentorship to junior team members on investigative techniques and tool usage.
• Stay current on emerging insider threat tactics, techniques, and procedures (TTPs) and incorporate findings into detection strategies.

Required Qualifications:

• A Bachelor’s degree and 5 years of experience. An additional 4 years of experience may be substituted in lieu of the bachelors degree requirement.
• Minimum of 2 years of experience in in cybersecurity, digital forensics, or cyber investigations.
• Must either possess and maintain, or obtain prior to start date, one of the following professional certifications:
  • CISSP-ISSAP; CISSP-ISSEP; CISSP; Security+ CE; CySA+; PPDA; Agile IC; SNOW App Dev

• Experience conducting insider threat or cyber misconduct investigations in an enterprise environment.
• Experience analyzing large datasets of user activity, log data, and endpoint telemetry.
• Strong analytical, problem-solving, and decision-making skills to support complex, sensitive investigations.
• Excellent written and verbal communication skills, including experience producing formal investigative reports.
• Must possess strong time management skills and the ability to complete assigned tasks with minimal supervision.
• U.S. citizenship required.
• Active Top Secret security clearance.
• Ability to obtain a final Top Secret/SCI security clearance

Preferred Qualifications:

• Experience with insider threat programs and familiarity with the National Insider Threat Policy.
• Familiarity with SIEM platforms (e.g., Splunk, Microsoft Sentinel) for correlating UAM data with broader security telemetry.
• Experience with digital forensics tools (e.g., EnCase, FTK, Magnet AXIOM).
• Knowledge of Active Directory and Azure AD for user account analysis.
• Experience working in a government or federal law enforcement investigative environment.
• Technical writing skills and experience producing materials for senior leadership audiences.
• Familiarity with chain of custody procedures, and eDiscovery processes.
• Experience with behavioral analytics platforms or UEBA (User and Entity Behavior Analytics) tools.

Compensation:

Salary Range: $80,000-$103,000

The SkyePoint Decisions salary range for this position is a general guideline only. It represents an estimated range for this position and is just one piece of our total compensation package. 

Salary at SkyePoint is determined by various factors, including but not limited to location, work schedule, the candidate’s combination of education, knowledge, skills, competencies, and experience, as well as contract-specific affordability, market data and business considerations.

In addition to a competitive salary, SkyePoint offers benefits including a certification incentive program, PTO, floating federal holiday options, several insurance options including HMO and High Deductible plans with Health Savings Accounts [HSAs], Flex Spending Accounts [FSAs], Full Dental Plans, Vision, ST/LT Disability, Life Insurance, and 401k matched.