Lead Cyber Security Operations Center (CSOC) Analyst - USDS

Overview

Lead Cyber Security Operations Center (CSOC) Analyst - USDS

Responsibilities

• As a Lead SOC Analyst, you’ll play a critical role at the intersection of frontline detection, incident response, and strategic defense engineering. This isn’t a passive monitoring role—you’ll be empowered to lead investigations, shape detection logic, and elevate the SOC’s analytical and operational rigor.
• Lead high-fidelity investigations from triage to root cause, coordinating incident response efforts across threat surfaces including endpoint, cloud, identity, and SaaS.
• Mentor and develop SOC analysts, raising the technical bar through case reviews, scenario-based training, and real-time guidance during critical events.

Qualifications

• Minimum Qualifications
• 5+ years experience handling security-related incidents along with identifying and responding to advanced threats and threat actor TTPs
• Excellent communication skills (verbal and written), ability to influence without authority while demonstrating leadership and collaboration skills, in particular in leading or contributing to global and multi-functional analyst SOC teams.
• Demonstrated time management, problem-solving, effort prioritization and interpersonal skills as well as the ability to work well under pressure and within constraints to solve problems and meet objectives
• Excellent knowledge of industry-standard frameworks (e.g., MITRE ATT&CK)
• Strong analytical/problem-solving skills and cross-functional expertise across multiple IT operational and security disciplines with the ability to communicate technical concepts to a broad range of technical and non-technical staff
• Must possess a high degree of integrity, be trustworthy, and have the ability to lead and inspire change

• Preferred Qualifications
• GCIA, GCIH, GREM or applicable experience in the Information Security field
• One or more programming/scripting languages (e.g., Perl, Java, Python, etc.) / SQL - Experience writing and executing SQL queries
• Experience in performing or overseeing static/dynamic malware analysis and performing digital forensics for incident response
• High level of SIEM search and use case development/ detection experience
• Strong Operating System Administration skills including conceptual knowledge of OS internals and experience with core service types along with strong experience in cloud hosted environments - including UNIX/Linux and Windows environments

About Us

USDS is a security-first division created to bring heightened focus and governance to data protection policies and content assurance protocols to keep U.S. users safe. Our focus is on providing oversight and protection of the TikTok platform and U.S. user data.

Data Security Statement

This role requires the ability to work with and support systems designed to protect sensitive data and information. As such, this role will be subject to strict national security-related screening.

USDS Reasonable Accommodation

USDS is committed to providing reasonable accommodations in our recruitment processes for candidates with disabilities, pregnancy, sincerely held religious beliefs or other reasons protected by applicable laws. If you need assistance or a reasonable accommodation, please reach out to us at

Job Information

Compensation details are provided as part of the application process.

Benefits may vary depending on the nature of employment and the country work location. Employees have day one access to medical, dental, and vision insurance, a 401(k) savings plan with company match, paid parental leave, short-term and long-term disability coverage, life insurance, wellbeing benefits, among others. Paid time off and holidays are provided in accordance with company policy. The Company reserves the right to modify or change benefits programs at any time, with or without notice.