Cybersecurity SOC Analyst

Requirements 3–5+ years of experience in cybersecurity, IT support, systems administration, or SOC operations Foundational understanding of cybersecurity concepts including networking, endpoint security, identity management, and incident response Familiarity with security monitoring and alert triage processes Experience working with Managed Security Service Providers (MSSPs) Experience or exposure to enterprise security platforms such as: Microsoft GCC High Crowdstrike and other EDR/XDRs App Allow/Block-listing tools PIM/PAM Tools Various SIEMs Azure Sentinel Strong understanding of Windows, Linux, macOS, and cloud-based environments Basic understanding of SIEM, EDR/XDR, phishing analysis, and log analysis Strong analytical, troubleshooting, and problem-solving skills Excellent written and verbal communication skills Ability to prioritize and manage multiple tasks in a fast-paced environment Must be a U.S. Citizen eligible for government facilities and sensitive information Ability to obtain additional security clearances as required by contract (Desirable) Active Security Clearance (Desirable) Experience supporting defense, aerospace, government contracting, or regulated technology environments (Desirable) Familiarity with Microsoft GCC High environments (Desirable) Familiarity with using AI and LLM tools within the SOC (Desirable) Familiarity with monitoring AI and LLM tools (Desirable) Exposure to compliance frameworks such as NIST 800-171, CMMC, CIS Controls, or ISO 27001 (Desirable) Experience with scripting or automation using PowerShell, Python, or Bash (Desirable) Familiarity with digital forensic process and chain of custody (Desirable) Knowledge of MITRE ATT&CK framework and common threat actor techniques (Desirable) Security certifications such as Security+, CySA+, SC-900, Network+, or equivalent (Desirable) Experience working in a 24/7 or operational security environment preferred What the job involves We are seeking a SOC Analyst II to join our growing Security Operations team and help defend the organization against evolving cyber threats This role will support day-to-day monitoring, triage, investigation, and response activities across enterprise systems, endpoints, cloud infrastructure, and collaboration environments The ideal candidate is a mid-career cybersecurity professional with a strong technical foundation, curiosity for threat analysis, and a desire to grow within a mission-focused defense technology environment This individual will work closely with senior security engineers, IT, and infrastructure teams to identify suspicious activity, investigate alerts, and support the protection of sensitive company and government-related data This position is ideal for someone who thrives in a fast-paced startup environment and is passionate about operational cybersecurity Security Monitoring & Incident Response Monitor and triage security alerts and events across enterprise systems, endpoints, cloud platforms, and networks Investigate suspicious activity, indicators of compromise, phishing attempts, malware detections, and unauthorized access attempts Escalate validated security incidents to senior analysts or engineering teams as appropriate Support containment, remediation, and recovery activities during cybersecurity incidents Assist with root cause analysis and incident documentation Security Operations & Tool Administration Support administration and monitoring of cybersecurity platforms including: Microsoft GCC High Crowdstrike and other EDR/XDRs PIM/PAM Tools Various SIEMs Azure Sentinel Monitor endpoint detection and response (EDR/XDR) alerts and telemetry Assist with tuning alerting rules and reducing false positives Support vulnerability management and remediation tracking activities Help maintain endpoint, identity, and cloud security configurations Threat Detection & Analysis Review logs and security telemetry from SIEM, endpoint, network, and cloud security platforms Identify anomalous or malicious behavior patterns Assist with development and improvement of detection rules, playbooks, and response procedures Participate in threat hunting and proactive security monitoring initiatives Compliance & Documentation Support cybersecurity compliance initiatives including CMMC, NIST 800-171, and DFARS requirements Maintain accurate incident records, investigation notes, and operational documentation Assist with audit preparation, evidence collection, and remediation tracking Follow established security procedures and escalation processes Security Awareness & Collaboration Collaborate with IT, Engineering, and business teams to improve organizational security posture Assist with phishing response and user security awareness efforts Contribute to continuous improvement of SOC processes and operational maturity #J-18808-Ljbffr