Skip to content
mimi
All jobs

Tier 3 SOC Analyst

cFocus Software Incorporated

Remote · US Full-time Senior Today
Apply with a tailored resume Save job

About the role

About

cFocus Software seeks a Tier 3 SOC Analyst to join our program supporting the Congressional Budget Office (CBO).

Qualifications

  • Active Public Trust clearance
  • B.S. Computer Science, Information Technology, or a related field
  • 5+ years of SOC Analyst experience
  • Expert knowledge of incident response, threat hunting, and detection engineering
  • Advanced experience with Microsoft Sentinel (SIEM) and Microsoft Defender tools
  • Strong understanding of MITRE ATT&CK framework and adversary tactics
  • Experience with digital forensics and malware analysis techniques
  • Ability to analyze logs across identity, endpoint, network, and cloud environments
  • Strong knowledge of AWS logs (CloudTrail, VPC Flow Logs) and enterprise security tools
  • Experience with KQL (Kusto Query Language) and advanced correlation analysis
  • Deep understanding of NIST frameworks (800-53, 800-61, 800-92) and Zero Trust principles
  • Experience with SOAR platforms and automation (Logic Apps, Sentinel playbooks)
  • Experience supporting federal environments and compliance (CUI, FTI, NIST, IRS 1075)
  • Experience leading incident response engagements and reporting to leadership

Preferred Certifications

  • GCIA, GCIH, CISSP, CEH, or equivalent cybersecurity certifications
  • Microsoft Sentinel or Microsoft security platform certifications
  • Relevant cloud security certifications (e.g., AWS security)
  • Privacy certifications (e.g., CIPP/US, CIPM) where applicable

Duties

  • Lead investigation and response for complex and high-severity security incidents
  • Perform advanced threat hunting using Microsoft Sentinel and Defender platforms
  • Conduct digital forensics, malware analysis, and root cause analysis (RCA)
  • Develop, tune, and optimize detection rules, analytics, and correlation logic
  • Map detections and activities to MITRE ATT&CK framework
  • Oversee incident lifecycle management (detection through containment, eradication, and recovery)
  • Support and improve SOC playbooks, automation workflows, and response procedures
  • Provide mentorship and guidance to Tier I and Tier II analysts
  • Identify security control gaps and recommend remediation strategies
  • Support red team, purple team, and adversary emulation exercises
  • Contribute to incident reports, quarterly threat reviews, and executive briefings

Skills

AWS CloudTrailAWS VPC Flow LogsKQLLogic AppsMicrosoft DefenderMicrosoft SentinelMITRE ATT&CKNIST 800-53NIST 800-61NIST 800-92SOARZero Trust

Similar roles

IT Security Analyst

Allan Myers Inc.

Senior Cloud Engineer

ITMC Systems, Inc

AI Services Technical Lead

Lam Research

$141k – $307k/yr

Don't send a generic resume

Paste this job description into Mimi and get a resume tailored to exactly what the hiring team is looking for.

Get started free