About The Position

phia is hiring a Cyber Operations Analyst (SOC Threat Management) to support 24x7 operations in a large Federal agency Cyber Security Operations Center (CSOC). This role focuses on advanced cyber threat monitoring & detection, incident analysis, and leveraging AI/ML and automation to enhance SOC efficiency. The ideal candidate will have strong expertise in network traffic analysis, cyber threat intelligence analysis, and hands-on experience with modern security tools and cloud environments. This shift-based position offers REMOTE work flexibility with a schedule of Thursday – Monday, 3:30 PM – 11:30 PM ET (Tuesday and Wednesday off). Qualified candidates will be U.S. Citizens and located in the United States, able to achieve Public Trust security vetting approval.

Requirements

  • Experienced in cyber/IT security, with 3+ years in cybersecurity/SOC analysis and operations.
  • Familiarity with Artificial Intelligence / Machine Learning (AI/ML) capabilities, and their application to cyber analysis and SOC operations.
  • Skilled in network traffic analysis and threat detection methodologies.
  • Strong understanding of Boolean logic, TCP/IP fundamentals, network-level exploits, and IDS/IPS technologies.
  • Familiar with control frameworks, risk management techniques, and cloud security (AWS, Azure, GCP).
  • Hands-on experience with cybersecurity automation and SOAR platforms.
  • Proficient in using ML frameworks for anomaly detection, threat intelligence, and behavioral analysis.
  • Excellent communication, organizational, and interpersonal skills.
  • BA/BS in Computer Science, IT, or related field (or equivalent experience).
  • 3+ years of direct experience in cybersecurity and SOC analysis & operations.
  • U.S. Citizenship required.
  • Ability to obtain Public Trust clearance.

Nice To Haves

  • Experience with Splunk, ProofPoint, Cisco FirePower, SentinelOne, and Microsoft Defender suite.
  • Expertise with IDS/IPS architectures, signature creation, and anomaly-based detection.
  • Strong data analysis and feature engineering skills for ML-based security models.
  • Direct experience with AI/ML applications in SOC environments, including automated threat detection and predictive analytics.
  • GIAC Certified Enterprise Defender (GCED)
  • GIAC Certified Intrusion Analyst (GCIA)
  • GIAC Certified Detection Analyst (GCDA)
  • GIAC Certified Incident Handler (GCIH)
  • GIAC Defending Advanced Threats (GDAT)
  • GIAC Security Operations Certified (GSOC)
  • Certified Information Systems Security Professional (CISSP)

Responsibilities

  • Support 24x7 monitoring, detection, and management of advanced cyber threats.
  • Perform deep-dive incident analysis by correlating data from multiple sources to determine impact on critical systems or datasets.
  • Execute operational processes in support of response efforts to identified security incidents.
  • Analyze network traffic to identify exploit or intrusion attempts, and recommend, implement, and tune detection mechanisms.
  • Provide subject matter expertise on network-based attacks, intrusion methodologies, and threat management.
  • Escalate complex incidents for further investigation and collaborate with other Threat Management team members.
  • Utilize AI/ML-based tools to detect anomalies, automate triage, and improve threat intelligence.
  • Conduct threat intelligence analysis to assess risk and adapt defenses using ML-enhanced tools.
  • Manage email security using ProofPoint and respond promptly to threats.
  • Configure and optimize Splunk for log analysis, alerting, and incident investigation.
  • Deploy and monitor SentinelOne agents, FirePower detection rules and configurations, and enforce robust security measures.
  • Monitor and respond to alerts across platforms including Microsoft Defender XDR, Defender for Endpoint, Defender for Office 365, Azure Entra ID, and Google Cloud SCC.
  • Tune security policies, maintain visibility into cloud and endpoint environments, and support continuous improvement of security posture.
  • Identify and implement automation use cases leveraging AI/ML and SOAR capabilities.
  • Stay current on cybersecurity trends, threat actors, and AI/ML advancements relevant to SOC operations.

Benefits

  • Medical Insurance
  • Dental Insurance
  • Vision Insurance
  • Life Insurance
  • Short Term & Long Term Disability
  • 401k Retirement Savings Plan with Company Match
  • Paid Holidays
  • Paid Time Off (PTO)
  • Tuition and Professional Development Assistance
© 2024 Teal Labs, Inc