Senior Security Operations Analyst (SOC Analyst)

Job Summary:

We are seeking an experienced Senior Security Operations Analyst (SOC Analyst) to support security operations for a federal government client. In this role, you will be responsible for monitoring enterprise systems, analyzing security alerts, performing threat hunting, and supporting incident response activities.

The SOC Analyst will work independently to detect, analyze, and respond to cybersecurity threats across a complex IT environment. This position requires strong analytical capabilities, hands-on experience with security tools, and the ability to support a lean federal environment by developing detection strategies, improving monitoring processes, and reporting on the threat landscape.

Responsibilities:

• Monitor information systems for security threats, vulnerabilities, and suspicious activity using SIEM and other security tools.
• Analyze logs and alerts from multiple sources including EDR, NDR, firewalls, and identity platforms.
• Perform alert triage, investigation, and escalation in accordance with established procedures.
• Conduct proactive threat hunting using both manual techniques and automated tools.
• Develop, tune, and maintain detection rules and alerting policies to enhance threat detection and reduce false positives.
• Lead and support incident response activities from detection through resolution and post-incident documentation.
• Build and maintain daily monitoring checklists and standard operating procedures (SOPs).
• Evaluate and improve current security monitoring practices based on industry standards and best practices.
• Collect, analyze, and report security metrics; prepare threat intelligence reports for leadership.
• Collaborate with IT and security teams to strengthen overall security posture.

Experience Required:

• Minimum 6 years of hands-on experience in security operations, SOC analysis, or threat detection and response.
• Demonstrated experience using SIEM platforms for log analysis, alert triage, and correlation rule development.
• Proven experience executing incident response activities end-to-end.
• Experience performing threat hunting using manual and automated techniques.
• Hands-on experience developing and refining detection rules within SIEM or SOAR platforms.
• Ability to analyze log data from multiple security tools including EDR, NDR, firewalls, and identity systems.
• Experience preparing security metrics and threat reports for leadership and risk stakeholders.
• Strong analytical, problem-solving, and communication skills.

Preferred Skills:

• Experience with Continuous Diagnostics and Mitigation (CDM) tools.
• Familiarity with Microsoft Defender for Endpoint, Microsoft Sentinel, or similar platforms.
• Knowledge of the MITRE ATT&CK framework and its application in threat detection and hunting.
• Experience supporting small federal agencies or lean IT security teams.
• Familiarity with NIST SP 800-61 (Incident Response) and NIST SP 800-137 (Continuous Monitoring).
• Experience using PowerShell for automation, log analysis, and reporting.

Educational Qualifications:

• Bachelor’s degree in Cybersecurity, Computer Science, Information Systems, or a related field preferred.
• Relevant certifications may substitute for a degree with sufficient hands-on experience.

Relevant Certifications (Preferred):

• CompTIA Security+
• CompTIA CySA+ (Cybersecurity Analyst)
• Microsoft Security Operations Analyst (SC-200)
• GCIA (GIAC Certified Intrusion Analyst)
• GCIH (GIAC Certified Incident Handler)
• CEH (Certified Ethical Hacker)
• CISSP (Certified Information Systems Security Professional)

This position offers an opportunity to play a critical role in defending federal systems by detecting threats, responding to incidents, and strengthening cybersecurity monitoring and operations.

Benefits:

• 401(k) matching
• Dental insurance
• Health insurance
• Paid time off
• Vision insurance