Senior Security Operations Analyst (SOC/Incident Response) - Onsite in Washington, DC (20024)

Washington, DC
Full Time
SOCAnalyst-WashingtonDC
Experienced
This job is onsite in Washington, DC (20024)

Selected candidate must be able to get a Public Trust clearance.

We are seeking a Senior Security Operations Analyst to support cybersecurity operations within a federal environment in Washington, DC. This role is focused on continuous monitoring, alert triage, log analysis, and incident response execution to protect mission-critical systems. The position operates within a structured Security Operations Center (SOC) environment and requires strong hands-on analytical and incident response experience.

The ideal candidate will have experience performing security monitoring, investigating alerts, and executing incident response procedures in a SIEM-driven environment, along with familiarity supporting federal cybersecurity operations.


Key Responsibilities

  • Perform continuous monitoring of security events, alerts, and system activity across enterprise environments
  • Analyze and triage alerts from SIEM and security monitoring tools to determine severity, scope, and impact
  • Conduct detailed log analysis across network, endpoint, identity, and cloud environments to identify indicators of compromise
  • Execute incident response procedures including containment, eradication, recovery, documentation, and escalation
  • Maintain awareness of threats, vulnerabilities, and attack patterns impacting enterprise systems
  • Document and track security incidents in accordance with established procedures and federal reporting requirements
  • Support refinement of detection rules, alert logic, and SIEM use cases to improve detection and response accuracy
  • Collaborate with cybersecurity engineers and leadership to strengthen defensive capabilities
  • Produce incident reports, security summaries, and operational documentation for leadership and compliance needs
  • Participate in shift-based SOC operations as required to support continuous monitoring coverage

Required Qualifications

  • Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or related field preferred; equivalent experience accepted
  • 6+ years of experience in Security Operations, SOC analysis, or Incident Response
  • Government experience required
  • Active or previously held Public Trust clearance; U.S. Citizenship required
  • CompTIA Security+ certification required
  • CompTIA CySA+ certification required
  • Hands-on experience with:
    • SIEM platforms and alerting systems
    • Log analysis across network, endpoint, identity, and cloud environments
    • Threat detection and security monitoring tools
  • Demonstrated experience with:
    • Daily security monitoring and alert triage
    • Incident response execution in structured SOC environments
    • Security operations support in enterprise environments
  • Strong understanding of cybersecurity principles, threat vectors, and attacker methodologies
  • Ability to analyze complex datasets and respond to security incidents under pressure
  • Strong communication and documentation skills

Desired Qualifications

  • Experience supporting federal cybersecurity compliance frameworks such as NIST and FISMA
  • Familiarity with SOC ticketing systems and workflow tools
  • Exposure to cloud security monitoring (Microsoft Azure or AWS environments)
  • Experience working in 24/7 Security Operations Center environments
  • Experience supporting detection engineering or SIEM rule tuning activities