
Cybersecurity Analyst III

A-TEK Inc.

US · On-site · Full-time · Lead · $130k – $140k/yr · 4d ago

About the role

About

Empower, Innovate, Impact! At Team A-TEK, we EMPOWER people to drive INNOVATION that IMPACTS mission!

A-TEK operates at the intersection of mission and innovation by applying our deep domain expertise across the federal markets. Embracing our digital-first strategy, A-TEK provides enhanced capabilities in application development, digital transformation, enterprise IT, and scientific services. Our solutions are designed to modernize, automate, secure, protect, and enhance the operations of our federal clients, ensuring they stay ahead in a rapidly evolving digital landscape.

Our work is fueled by a passion to serve our clients' needs and to protect the safety and welfare of Americans. That passion shapes how we nurture our most valuable asset – Our Employees. A-TEK actively cultivates the talent that drives our success and fosters a creative, challenging, and mission-driven work environment for current and future employees.

The Cybersecurity Analyst Tier 3 is responsible for overseeing and managing the daily activities of the Security Operations Center for our federal customer. The role involves helping to lead a team of security analysts and engineers who monitor, detect, analyze, and respond to security incidents and threats in an organization’s IT environment. This position is located in Rockville, MD and requires the ability to obtain and retain a public trust level security clearance. An active CISSP, CISM, or CISA is required for consideration. US Citizenship is required.

Role and Responsibilities

  • Team Management: Manage highly complex cybersecurity issue resolution while training and mentoring Tier 1 and Tier 2 Analysts. This involves hiring, training, and mentoring security analysts, engineers, and other team members, and ensuring each team member understands their roles, responsibilities, and goals within the SOC.
  • Effectively communicate information to stakeholders of all levels.
  • Incident Response: Coordinate the response to security incidents, guiding the team in analyzing, containing, mitigating impact, and initiating recovery procedures.
  • Security Monitoring and Detection: Oversee continuous monitoring of security events and alerts to identify potential breaches or threats. Analyze logs, network traffic, and security tools to detect anomalous behavior and suspicious activities.
  • Threat Intelligence: Keep abreast of the latest security threats, vulnerabilities, and attack techniques. Integrate threat intelligence into SOC processes and ensure the team is informed about emerging risks.
  • Incident Analysis and Reporting: Investigate and analyze security incidents to understand root cause and potential impact. Generate incident reports for technical and non‑technical stakeholders, including management and relevant authorities.
  • Security Tooling and Technology: Evaluate and implement security technologies such as SIEM systems, intrusion detection/prevention systems, and other tools that enhance SOC capabilities.
  • Process Improvement: Continuously improve SOC procedures, workflows, and playbooks to streamline incident response and enhance overall security operations.
  • Collaboration: Work closely with other teams (IT, network operations, compliance, legal) to ensure effective communication and coordination during security incidents.
  • Compliance and Regulations: Ensure the SOC operates in compliance with relevant security standards, regulations, and policies.
  • Training and Awareness: Conduct regular security awareness training for employees to enhance the organization’s overall security posture.

Qualifications

  • 5+ years of experience in a cybersecurity environment, including 3+ years in a cybersecurity SOC leadership role (required).
  • Bachelor’s degree in computer science or a related field; or 5+ years of commensurate work experience in lieu of a degree.
  • Endpoint and network security experience required.
  • Experience in a security operations center, or similar environment, identifying indications of compromise or attack and responding to incidents.
  • Robust certification credentials such as CISSP, CISM, CISA (required); additional certifications such as Network+, CEH, SANS FOR578: Cyber Threat Intelligence, SANS FOR508: Advanced Incident Response, Threat Hunting, and Digital Forensics, Splunk Core Certified Advanced Power User, Splunk Administrator, and Splunk SOAR Administrator are preferred.
  • Knowledge of MITRE ATT&CK framework.
  • Knowledge of vulnerability and cyber incident management frameworks.
  • Experience in SOC Tier 3, mentoring a team of cybersecurity professionals.
  • Experience with digital forensics and forensic process.
  • Knowledge of Splunk, CrowdStrike, Tenable, ForeScout, Xscalar, BigFix, MS 360, EnCase, FireEye, Cortex SOAR XDR, Prisma.

Preferred Skills and Experience

  • IDS, IPS, EDR, ATP, malware defenses and monitoring experience.
  • Threat hunting experience preferred.
  • Knowledge of common adversary tactics and techniques (e.g., obfuscation, persistence, defense evasion, etc.).
  • Working knowledge of incident response procedures.
  • Experience with SQL query construction preferred.
  • Experience administering and supporting Windows OS (workstations and server) and one of the following: Apple or Linux‑based operating systems.
  • Fundamental understanding of network traffic analysis including TCP/IP, routing, switching, protocols, etc.
  • Strong understanding of Windows event log analysis.
  • Experience with enterprise information security data management – SIEM experience a plus.
  • Programming and scripting skills a plus.
  • Excellent troubleshooting and analytical thinking skills.
  • Strong documentation and communication skills.
  • Advanced cyber security certifications preferred but not required.
  • Excellent customer service skills.

Compensation

The salary range for this position is $130,000 to $140,000 per year, based on experience and certification levels.

Benefits

  • Health, dental, and vision insurance
  • 401(k) with employer match
  • Paid time off
  • Professional development opportunities


Candidates may use tools (including AI) for proofreading or formatting; however, using any tool to fabricate, exaggerate, or misrepresent qualifications, experience, or work product is not permitted. We may assess application materials for job‑related technical depth, internal consistency, and demonstrated hands‑on experience, including through follow‑up questions, skills assessments, or reference checks.

Misrepresentation or falsification may result in removal from further consideration. Candidates who need a reasonable accommodation in the application or interview process may request one.

A‑TEK, Inc. is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or status as a qualified individual with a disability, or Vietnam era or other protected Veteran status. Verification of education may be requested before or during the hiring process.

