Job Description

Salary: 100,000 - 140,000 USD per year Requirements:

• Bachelor's degree and 6+ years of experience in cyber security operations or incident response, or a High School Diploma and 10+ years of experience in cyber security operations or incident response.
• Experience with investigating and responding to APT threat campaigns, nation-state actors, and advanced cyber attacks.
• Experience in host-based forensics, memory analysis, or network forensics.
• Experience working with EDR, SIEM, SOAR, forensic tools, and malware analysis platforms.
• Knowledge of MITRE ATT&CK and adversary tactics, techniques, and procedures (TTPs).
• Ability to lead and mentor less experienced team members.

Responsibilities:

• Conduct cyber investigations and end-to-end incident response.
• Provide technical oversight and quality control across the CSOC.
• Identify opportunities for process improvement and efficiencies, and provide change management leadership to the CSOC team.
• Provide mentoring and skill development to less experienced analysts.

Technologies:

• AWS
• Azure
• Bash
• Cloud
• GCP
• LESS
• Network
• PowerShell
• Python
• Security

More:

We are seeking a motivated, career and customer-oriented Cyber Security Operations Center (CSOC) Analyst to join our team in McLean, Virginia. As a CSOC Analyst, you will lead the technical oversight and execution of cyber investigations and incident response activities within our large enterprise environment. This role is critical to detecting, analyzing, and mitigating Advanced Persistent Threat (APT) campaigns and other sophisticated cyber threats. You will act as a technical consultant within the SOC, capable of mentoring junior analysts, ensuring investigation quality, and driving improvements in response processes across all SOC domains.

Preferred Qualifications:
- Certifications such as GCIH, GCFA, GNFA, GCFE, GREM, OSCP, or equivalent.
- Experience with cloud security incidents (AWS, Azure, GCP) and hybrid security models.
- Experience developing custom detection rules (YARA, Sigma, Snort, Suricata) and automation scripts (Python, PowerShell, Bash).
- Experience in penetration testing and/or CNE/CNO activities.

Clearance Requirements:
- Must have a current/active TS/SCI w/ polygraph.

Physical Requirements:
- The person in this position must be able to remain in a stationary position 50% of the time.

Job Tags

Full time,

Similar Jobs