Security Operations Center Analyst

Tier 3 Security Operations Center (SOC) Analyst

Washington, DC Metro Area

We are a WBJ Best Places to Work ranked Managed Service Provider in the DC area looking for experienced motivated cyber security professionals to join our team. We are one of the top IT Services firms in the DC market with a diverse staff, a unique culture promoting teamwork and customer service, that specializes in aligning technology with the business needs of our customers.

We’ve helped over 1,000 DoD contractors throughout the U.S. navigate the complexities of DFARS, NIST 800-171, and now CMMC. Knowledge of cybersecurity frameworks including NIST CSF, NIST 800-171, NIST 800-53 are a must.

Benefit Information

• 100% of single healthcare plan paid
• 401k + Company Match
• 2 Weeks Paid Time off
• Certification & training reimbursement
• Employee Rewards Program with Company Store

Responsibilities:

Advanced Threat Detection:

• Analyze and interpret security events and alerts from various sources including SIEM, IDS/IPS, and endpoint security tools.
• Identify and respond to sophisticated cyber threats and incidents.

Incident Response:

• Lead incident response efforts for high-severity security incidents.
• Conduct thorough investigations to determine the root cause, impact, and scope of incidents.
• Develop and implement containment, eradication, and recovery plans.

Threat Intelligence:

• Utilize threat intelligence to proactively identify and mitigate potential security threats.
• Stay updated with the latest cybersecurity trends, vulnerabilities, and threat actors.

Forensics and Malware Analysis:

• Perform digital forensics and malware analysis to support incident investigations.
• Preserve evidence and create detailed reports on findings.

Mentorship and Training:

• Provide guidance and mentorship to Tier 1 and Tier 2 SOC Analysts.
• Develop and deliver training sessions to enhance the skills and knowledge of the SOC team.

Security Improvements:

• Recommend and implement improvements to SOC processes, tools, and technologies.
• Participate in red team/blue team exercises to test and improve the organization's security posture.

Documentation and Reporting:

• Maintain detailed and accurate documentation of incidents, investigations, and actions taken.
• Generate and present reports to management on security incidents and SOC performance.

Qualifications:

• Minimum of 5 years of experience in cybersecurity, with at least 3 years in a SOC environment.
• Strong knowledge of network security, endpoint security, and security information and event management (SIEM) systems.
• Experience with incident response, digital forensics, and malware analysis.
• Familiarity with threat intelligence platforms and frameworks (e.g. MITRE ATT&CK).
• Excellent analytical, problem-solving, and communication skills.
• Ability to work under pressure and handle multiple high-priority tasks simultaneously.

Preferred Skills:

• Bachelor's degree in Computer Science, Information Security, another related field, or equivalent on the job experience.
• Experience working with an MSP/MSSP or other Multi-tenant environments.
• Experience with cloud security (AWS, Azure, GCP).
• Knowledge of scripting languages (Python, PowerShell, KQL).
• Experience with regulatory compliance (e.g., CMMC, DFARS).
• Experience working in customer facing positions (driving engagement during incidents & synchronization calls).

Certifications:

• Relevant certifications such as GMON, GCIA, GCFE, GCIH, CASP+, CySA+ or similar are highly desirable.