Senior Security Operations Analyst (SOCIncident Response) Onsite in Washington, DC (20024)

The ideal candidate will have experience performing security monitoring investigating alerts and executing incident response procedures in a SIEM-driven environment along with familiarity supporting federal cybersecurity operations.

Key Responsibilities

• Perform continuous monitoring of security events alerts and system activity across enterprise environments
• Analyze and triage alerts from SIEM and security monitoring tools to determine severity scope and impact
• Conduct detailed log analysis across network endpoint identity and cloud environments to identify indicators of compromise
• Execute incident response procedures including containment eradication recovery documentation and escalation
• Maintain awareness of threats vulnerabilities and attack patterns impacting enterprise systems
• Document and track security incidents in accordance with established procedures and federal reporting requirements
• Support refinement of detection rules alert logic and SIEM use cases to improve detection and response accuracy
• Collaborate with cybersecurity engineers and leadership to strengthen defensive capabilities
• Produce incident reports security summaries and operational documentation for leadership and compliance needs
• Participate in shift-based SOC operations as required to support continuous monitoring coverage

Required Qualifications

• Bachelors degree in Cybersecurity Information Technology Computer Science or related field preferred; equivalent experience accepted
• 6 years of experience in Security Operations SOC analysis or Incident Response
• Government experience required
• Active or previously held Public Trust clearance; U.S. Citizenship required
• CompTIA Security certification required
• CompTIA CySA certification required
• Hands-on experience with:
  • SIEM platforms and alerting systems
  • Log analysis across network endpoint identity and cloud environments
  • Threat detection and security monitoring tools
• Demonstrated experience with:
  • Daily security monitoring and alert triage
  • Incident response execution in structured SOC environments
  • Security operations support in enterprise environments
• Strong understanding of cybersecurity principles threat vectors and attacker methodologies
• Ability to analyze complex datasets and respond to security incidents under pressure
• Strong communication and documentation skills

Desired Qualifications

• Experience supporting federal cybersecurity compliance frameworks such as NIST and FISMA
• Familiarity with SOC ticketing systems and workflow tools
• Exposure to cloud security monitoring (Microsoft Azure or AWS environments)
• Experience working in 24/7 Security Operations Center environments
• Experience supporting detection engineering or SIEM rule tuning activities