Senior Security Operations Analyst (SOC/Incident Response) - Onsite in Washington, DC (20024)

The ideal candidate will have experience performing security monitoring, investigating alerts, and executing incident response procedures in a SIEM-driven environment, along with familiarity supporting federal cybersecurity operations.

Key Responsibilities

• Perform continuous monitoring of security events, alerts, and system activity across enterprise environments
• Analyze and triage alerts from SIEM and security monitoring tools to determine severity, scope, and impact
• Conduct detailed log analysis across network, endpoint, identity, and cloud environments to identify indicators of compromise
• Execute incident response procedures including containment, eradication, recovery, documentation, and escalation
• Maintain awareness of threats, vulnerabilities, and attack patterns impacting enterprise systems
• Document and track security incidents in accordance with established procedures and federal reporting requirements
• Support refinement of detection rules, alert logic, and SIEM use cases to improve detection and response accuracy
• Collaborate with cybersecurity engineers and leadership to strengthen defensive capabilities
• Produce incident reports, security summaries, and operational documentation for leadership and compliance needs
• Participate in shift-based SOC operations as required to support continuous monitoring coverage

Required Qualifications

• Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or related field preferred; equivalent experience accepted
• 6+ years of experience in Security Operations, SOC analysis, or Incident Response
• Government experience required
• Active or previously held Public Trust clearance; U.S. Citizenship required
• CompTIA Security+ certification required
• CompTIA CySA+ certification required
• Hands-on experience with:
  • SIEM platforms and alerting systems
  • Log analysis across network, endpoint, identity, and cloud environments
  • Threat detection and security monitoring tools
• Demonstrated experience with:
  • Daily security monitoring and alert triage
  • Incident response execution in structured SOC environments
  • Security operations support in enterprise environments
• Strong understanding of cybersecurity principles, threat vectors, and attacker methodologies
• Ability to analyze complex datasets and respond to security incidents under pressure
• Strong communication and documentation skills

Desired Qualifications

• Experience supporting federal cybersecurity compliance frameworks such as NIST and FISMA
• Familiarity with SOC ticketing systems and workflow tools
• Exposure to cloud security monitoring (Microsoft Azure or AWS environments)
• Experience working in 24/7 Security Operations Center environments
• Experience supporting detection engineering or SIEM rule tuning activities