Cybersecurity SOC Analyst
HallieMorgan Technologies
About the role
About HallieMorgan Technologies
HallieMorgan Technologies is a forward-thinking technology company committed to delivering innovative solutions in the realm of cybersecurity and IT services. Our experienced team is passionate about protecting critical infrastructures and digital assets, fostering trust among our partners and clients. We take pride in creating a supportive and inclusive workplace that values professional growth and diversity.
Role Description
HallieMorgan Technologies is seeking an experienced Cybersecurity SOC Analyst. In this role you will monitor and analyze security events, identify potential threats, and respond to incidents in real time to protect organizational systems and data. Responsibilities include conducting malware analysis, implementing network and application security measures, and applying analytical skills to mitigate risks. You will be part of a dynamic team ensuring the organization's security posture keeps pace with evolving threats and compliance requirements.
Location
This is a full-time position with hybrid flexibility: required on-site work in Washington D.C., with the remainder remote.
Schedule
Must be able to work shift work (6AM - 2PM/2PM - 10PM) with occasional weekends and special events.
Education & Experience
- A BS or higher in Cybersecurity, Information Technology, or a related field is preferred
- 4+ years of IT experience
- US Citizenship required
Qualifications
- Must have an active TS clearance and be eligible for TS/SCI; an active TS/SCI is preferred
- Strong knowledge of Security Information and Event Management (SIEM) platforms such as the ELK stack.
- Direct experience working with very large datasets and log analysis tools.
- Strong knowledge of network security monitoring and intrusion detection tools such as Zeek and Suricata.
- Ability to characterize and analyze network traffic, identify anomalous activity and potential threats, and analyze anomalies in network traffic using metadata.
- Experience in planning and conducting threat hunts.
- Familiarity with Windows and Unix-based operating systems.
- Knowledge of common networking protocols (HTTP, DNS, SMB, etc.).
- Knowledge of the TCP/IP networking stack.
- Knowledge of both IT and OT networks.
- Understanding of complex Enterprise networks (routing, switching, firewalls, proxies, etc.).
- Knowledge of security controls (firewalls, antivirus, Endpoint Detection and Response platforms, Intrusion Detection Systems, packet capture tooling, etc.) and how they can be leveraged to spot anomalies.
- Log analysis, including how events of interest can be linked together or corroborated.
- Knowledge of threat actors' tactics, techniques, and procedures.
Responsibilities
- Monitor an Elastic SIEM platform and respond appropriately to any suspicious or abnormal alerts.
- Perform threat hunts based on current cyber threat intelligence or recent cyber events.
- Review the ingest of cyber news feeds, signature updates, incident reports, threat briefs, and vulnerability alerts and determine their applicability to the systems environment.
- Create detection content to support the automated identification of threats across the environment.
- Perform daily research to identify new tools, tactics, and procedures for threat actors and malware families.
- Author, update, and maintain SOPs, playbooks, and work instructions.
- Prepare and report risk analysis and threat findings to appropriate stakeholders.
Certifications
- One or more of the following certifications:
- Security+
- CISSP
- CISA
- GIAC