Cybersecurity Operations Center Analyst, Senior

Booz Allen Hamilton, USA, VA
Remote

About The Position

Are you ready to take a strategic role in cyber defense? Are you looking for an opportunity to protect critical infrastructure from the constant onslaught of cyber-attacks? If you want to sharpen your skills by analyzing threats in real time, you want to be a Cybersecurity Operations Center Analyst. As a Cybersecurity Operations Center Analyst on our security operations center team, you’ll improve tier monitoring strategies and analyze threats, using state-of-the-art tools and platforms. You’ll work with the team to comprehend, mitigate, and respond to threats quickly, restoring operations and limiting the impact. You’ll manage efforts to figure out just how many systems are affected and assist recovery efforts. You’ll combine threat intelligence, event data, and assessments of events to identify patterns, understand attackers’ goals, and stop them from succeeding. This is a great opportunity to continue to build your cybersecurity skills with hands-on experience in threat assessment and incident response. Join us as we protect clients from malicious actors. In this role, you’ll lead a team of professionals as they use cyberspace capabilities to evaluate potential weaknesses as well as the effectiveness of mitigations for cybersecurity solutions. You will leverage cyberspace operations systems to aggregate threat feeds that inform briefings for senior leadership aligned to our Army client. If you want to be in the fight, working shoulder to shoulder with our mission partner and influencing the most critical global cyber missions, this is the opportunity for you. Join us. The world can’t wait.

Requirements

  • 7+ years of experience working in a Security Operations Center (SOC) at a classified level within the DoW
  • Experience leading the initial phases of the incident lifecycle, including conducting rapid triage to determine severity, performing deep-dive investigations into root causes, and assessing appropriate containment strategies to halt active threats
  • Experience working with cybersecurity staff to evolve continuous monitoring toolsets by generating new detection rules and refining existing alerts to maximize high-fidelity alerts and minimize false positives
  • Experience refining, developing, and maturing standard operating procedures (SOPs) and SOC responsibilities throughout each stage of the incident response lifecycle
  • Ability to manage post-compromise activities, focusing on the eradication of malicious artifacts, guiding the secure recovery of mission services, and generating comprehensive After-Action Reports (AARs) to document lessons learned
  • Ability to serve as a primary focal point for active incident response operations, taking responsibility for technical coordination and clear communication with key stakeholders
  • TS/SCI clearance
  • Bachelor's degree
  • Ability to obtain an 8570 DoW-approved CSSP baseline certification, including CEH, CFR, CCNA Cyber Ops, CCNA-Security, CySA+, GCIA, GCIH, GICSP, Cloud+, SCYBER, or PenTest+, before start date

Nice To Haves

  • Experience using Elastic for monitoring, analysis, and case management
  • Experience using endpoint tools to successfully hunt for adversarial behavior
  • Experience with GCFA, GNFA, or equivalent relevant digital forensics
  • Ability to conduct threat hunting using network and host-based information
  • TS/SCI clearance with a polygraph
  • 8570 CSSP Analyst or Incident Responder Certification

Responsibilities

  • Improve tier monitoring strategies and analyze threats, using state-of-the-art tools and platforms.
  • Work with the team to comprehend, mitigate, and respond to threats quickly, restoring operations and limiting the impact.
  • Manage efforts to figure out just how many systems are affected and assist recovery efforts.
  • Combine threat intelligence, event data, and assessments of events to identify patterns, understand attackers’ goals, and stop them from succeeding.
  • Lead a team of professionals as they use cyberspace capabilities to evaluate potential weaknesses as well as the effectiveness of mitigations for cybersecurity solutions.
  • Leverage cyberspace operations systems to aggregate threat feeds that inform briefings for senior leadership aligned to our Army client.
  • Conduct rapid triage to determine severity, perform deep-dive investigations into root causes, and assess appropriate containment strategies to halt active threats.
  • Evolve continuous monitoring toolsets by generating new detection rules and refining existing alerts to maximize high-fidelity alerts and minimize false positives.
  • Refine, develop, and mature standard operating procedures (SOPs) and SOC responsibilities throughout each stage of the incident response lifecycle.
  • Manage post-compromise activities, focusing on the eradication of malicious artifacts, guiding the secure recovery of mission services, and generating comprehensive After-Action Reports (AARs) to document lessons learned.
  • Serve as a primary focal point for active incident response operations, taking responsibility for technical coordination and clear communication with key stakeholders.

Benefits

  • Health, life, disability, financial, and retirement benefits
  • Paid leave
  • Professional development
  • Tuition assistance
  • Work-life programs
  • Dependent care
  • Recognition awards program