Booker DiMaio, LLC
Senior Security Operations Analyst (SOC/Incident Response) - Onsite in Washington, DC (20024)
SOCAnalyst-WashingtonDC - Washington, DC, DC - Full Time
This job is onsite in Washington, DC (20024)
Selected candidate must be able to get a Public Trust clearance.
We are seeking a Senior Security Operations Analyst to support cybersecurity operations within a federal environment in Washington, DC. This role is focused on continuous monitoring, alert triage, log analysis, and incident response execution to protect mission-critical systems. The position operates within a structured Security Operations Center (SOC) environment and requires strong hands-on analytical and incident response experience.
Selected candidate must be able to get a Public Trust clearance.
We are seeking a Senior Security Operations Analyst to support cybersecurity operations within a federal environment in Washington, DC. This role is focused on continuous monitoring, alert triage, log analysis, and incident response execution to protect mission-critical systems. The position operates within a structured Security Operations Center (SOC) environment and requires strong hands-on analytical and incident response experience.
The ideal candidate will have experience performing security monitoring, investigating alerts, and executing incident response procedures in a SIEM-driven environment, along with familiarity supporting federal cybersecurity operations.
Key Responsibilities
- Perform continuous monitoring of security events, alerts, and system activity across enterprise environments
- Analyze and triage alerts from SIEM and security monitoring tools to determine severity, scope, and impact
- Conduct detailed log analysis across network, endpoint, identity, and cloud environments to identify indicators of compromise
- Execute incident response procedures including containment, eradication, recovery, documentation, and escalation
- Maintain awareness of threats, vulnerabilities, and attack patterns impacting enterprise systems
- Document and track security incidents in accordance with established procedures and federal reporting requirements
- Support refinement of detection rules, alert logic, and SIEM use cases to improve detection and response accuracy
- Collaborate with cybersecurity engineers and leadership to strengthen defensive capabilities
- Produce incident reports, security summaries, and operational documentation for leadership and compliance needs
- Participate in shift-based SOC operations as required to support continuous monitoring coverage
Required Qualifications
- Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or related field preferred; equivalent experience accepted
- 6+ years of experience in Security Operations, SOC analysis, or Incident Response
- Government experience required
- Active or previously held Public Trust clearance; U.S. Citizenship required
- CompTIA Security+ certification required
- CompTIA CySA+ certification required
- Hands-on experience with:
- SIEM platforms and alerting systems
- Log analysis across network, endpoint, identity, and cloud environments
- Threat detection and security monitoring tools
- Demonstrated experience with:
- Daily security monitoring and alert triage
- Incident response execution in structured SOC environments
- Security operations support in enterprise environments
- Strong understanding of cybersecurity principles, threat vectors, and attacker methodologies
- Ability to analyze complex datasets and respond to security incidents under pressure
- Strong communication and documentation skills
Desired Qualifications
- Experience supporting federal cybersecurity compliance frameworks such as NIST and FISMA
- Familiarity with SOC ticketing systems and workflow tools
- Exposure to cloud security monitoring (Microsoft Azure or AWS environments)
- Experience working in 24/7 Security Operations Center environments
- Experience supporting detection engineering or SIEM rule tuning activities
