In cyber analysis, it is highly desirable to support the analysis of junior analysts by leveraging the experiences of experts. But, there are two major challenges to achieve this goal. First, it is very costly to capture the experience of experts for the complex task of cyber analysis using traditional approaches such as protocol analysis. Second, it is difficult to identify previous experiences of experts that are relevant to the dynamic context of an analyst's cyber analysis task. To address the first challenge, a system has been developed to capture non-intrusively the analytical reasoning processes of analysts. To tackle the second challenge, this paper presents an effective and efficient approach for retrieving relevant experiences based on the dynamically changing context of cyber analysis. We define an experience as a process of analytical reasoning and adopt an Action-Observation-Hypothesis (A-O-H) model to represent the processes in cyber analysis. Based on this model, a tool for capturing and supporting the analytical reasoning processes is shown to be able to support the elusive cognitive process in dynamic cyber situations. The experience retrieval approach of this paper supports the efficient experience retrieval, and dynamically updates the results as the context of analysis evolves. The experience retrieval approach is evaluated, based on the precision and recall with respect to the ground truth. The evaluation results suggest that the proposed approach supports significantly the analytical reasoning of analysts by leveraging the experiences of experts.