
Tier 3 Security Operations Center (SOC) Analyst

GDH

North Bethesda · On-site Full-time Senior $60 – $65/hr 1mo ago

About the role

Role Summary

The Tier 3 Security Operations Center (SOC) Analyst is a senior-level cybersecurity professional responsible for monitoring, analyzing, and responding to complex security events across multiple data sources. This role includes providing leadership and mentorship to Tier 1 and Tier 2 analysts, overseeing shift operations, and ensuring the timely detection and mitigation of security incidents. The position requires strong technical expertise, excellent communication skills, and the ability to coordinate security efforts within a fast-paced environment.

Responsibilities

  • Analyze security alerts and respond to incidents from SIEM, firewall, IDS, IPS, antivirus, and network access control systems.
  • Lead shift activities, supervising Tier 1 and Tier 2 analysts to ensure effective incident response.
  • Provide mentorship and technical guidance to junior team members, fostering professional development.
  • Communicate complex security technical details clearly to clients and team members in written and verbal formats.
  • Coordinate and manage security investigations involving log analysis, packet captures, and protocol analysis.
  • Collaborate with team members to improve SOC processes, workflows, and incident handling procedures.
  • Maintain current knowledge of security threats, vulnerabilities, and best practices in cybersecurity defense.
  • Support the integration and management of security tools such as Splunk, CrowdStrike, and other SIEM platforms.
  • Maintain operational readiness and ensure compliance with security policies and standards.
  • Assist in the development of security monitoring metrics and reporting to stakeholders.

Qualifications

  • 3-5 years of experience in a Security Operations Center or cybersecurity environment, including demonstrated team leadership.
  • Proficiency with Windows, Linux, or UNIX operating systems.
  • Strong analytical skills and experience with security event analysis and incident response.
  • Excellent written and verbal communication skills, capable of conveying technical information clearly.
  • Hands-on experience with SIEM tools such as Splunk or similar platforms, and endpoint detection tools like CrowdStrike.
  • This position requires eligibility for a U.S. Government security clearance. In accordance with federal law, U.S. citizenship is required.
  • Ability to work on-site in a fast-paced, shift-based environment (target shift: 12 pm - 10 pm).
  • Familiarity with common network protocols and services (FTP, HTTP, SSH, SMB, DAP).
  • Relevant certifications such as CSIS, CEH, CSTA, CSTP, GCFE, CISSP, GCIH, GCIA, GPEN are preferred.
  • Knowledge of IDS log analysis, packet capture tools, and military or government support experience is a plus.

Publishing Pay Range

$60.00 - $65.00 hourly

This position is based in an office and requires the employee to work on-site.

Skills

Antivirus, CrowdStrike, Firewall, HTTP, IDS, IPS, Linux, Network Access Control, Packet Capture, Protocol Analysis, SIEM, SMB, Splunk, SSH, UNIX, Windows
