CBO Tier 3 SOC Analyst

CFocus Softwareorporated

Job Location:

Washington, AR - USA

Monthly Salary: Not Disclosed

Posted on: 4 days ago

Vacancies: 1 Vacancy

Job Summary

Active Public Trust clearance
B.S. Computer Science Information Technology or a related field
5 years of SOC Analyst experience
Expert knowledge of incident response threat hunting and detection engineering
Advanced experience with Microsoft Sentinel (SIEM) and Microsoft Defender tools
Strong understanding of MITRE ATT&CK framework and adversary tactics
Experience with digital forensics and malware analysis techniques
Ability to analyze logs across identity endpoint network and cloud environments
Strong knowledge of AWS logs (CloudTrail VPC Flow Logs) and enterprise security tools
Experience with KQL (Kusto Query Language) and advanced correlation analysis
Deep understanding of NIST frameworks () and Zero Trust principles
Experience with SOAR platforms and automation (Logic Apps Sentinel playbooks)
Experience supporting federal environments and compliance (CUI FTI NIST IRS 1075)
Experience leading incident response engagements and reporting to leadership
Preferred certifications include but are not limited to
- GCIA GCIH CISSP CEH or equivalent cybersecurity certifications
- Microsoft Sentinel or Microsoft security platform certifications
- Relevant cloud security certifications (e.g. AWS security)
- Privacy certifications (e.g. CIPP/US CIPM) where applicable

Duties:

Lead investigation and response for complex and high-severity security incidents
Perform advanced threat hunting using Microsoft Sentinel and Defender platforms
Conduct digital forensics malware analysis and root cause analysis (RCA)
Develop tune and optimize detection rules analytics and correlation logic
Map detections and activities to MITRE ATT&CK framework
Oversee incident lifecycle management (detection through containment eradication and recovery)
Support and improve SOC playbooks automation workflows and response procedures
Provide mentorship and guidance to Tier I and Tier II analysts
Identify security control gaps and recommend remediation strategies
Support red team purple team and adversary emulation exercises
Contribute to incident reports quarterly threat reviews and executive briefings

Required Experience:

Senior IC

cFocus Software seeks a Tier 3 SOC Analyst to join our program supporting the Congressional Budget Office (CBO). This position is remote. This position requires a Public Trust clearance.Qualifications:Active Public Trust clearanceB.S. Computer Science Information Technology or a related field5 years...

Active Public Trust clearance
B.S. Computer Science Information Technology or a related field
5 years of SOC Analyst experience
Expert knowledge of incident response threat hunting and detection engineering
Advanced experience with Microsoft Sentinel (SIEM) and Microsoft Defender tools
Strong understanding of MITRE ATT&CK framework and adversary tactics
Experience with digital forensics and malware analysis techniques
Ability to analyze logs across identity endpoint network and cloud environments
Strong knowledge of AWS logs (CloudTrail VPC Flow Logs) and enterprise security tools
Experience with KQL (Kusto Query Language) and advanced correlation analysis
Deep understanding of NIST frameworks () and Zero Trust principles
Experience with SOAR platforms and automation (Logic Apps Sentinel playbooks)
Experience supporting federal environments and compliance (CUI FTI NIST IRS 1075)
Experience leading incident response engagements and reporting to leadership
Preferred certifications include but are not limited to
- GCIA GCIH CISSP CEH or equivalent cybersecurity certifications
- Microsoft Sentinel or Microsoft security platform certifications
- Relevant cloud security certifications (e.g. AWS security)
- Privacy certifications (e.g. CIPP/US CIPM) where applicable

Duties:

Lead investigation and response for complex and high-severity security incidents
Perform advanced threat hunting using Microsoft Sentinel and Defender platforms
Conduct digital forensics malware analysis and root cause analysis (RCA)
Develop tune and optimize detection rules analytics and correlation logic
Map detections and activities to MITRE ATT&CK framework
Oversee incident lifecycle management (detection through containment eradication and recovery)
Support and improve SOC playbooks automation workflows and response procedures
Provide mentorship and guidance to Tier I and Tier II analysts
Identify security control gaps and recommend remediation strategies
Support red team purple team and adversary emulation exercises
Contribute to incident reports quarterly threat reviews and executive briefings