Senior SOC Analyst- Hybrid

About The Position

Requirements

• Must be a U.S. citizen
• Active Secret clearance is preferred
• Must be able to obtain and maintain a U.S. Government security clearance, as required for the role
• Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or equivalent practical experience.
• 5+ years of experience in a SOC, incident response, or cybersecurity operations role.
• Strong experience with enterprise SIEM, EDR/XDR, identity, email security, and threat monitoring platforms in a production SOC environment.
• Proven experience leading alert triage, incident analysis, escalation handling, and threat hunting for complex or high-priority security events.
• Demonstrated experience independently leading security incidents from detection through containment and recovery.
• Experience working in a Microsoft-centric security environment is strongly preferred, including monitoring and investigation across endpoint, identity, email, and cloud telemetry.
• Hands-on experience with CrowdStrike XDR.
• Strong understanding of attacker behavior, incident response processes, detection tuning, and security operations best practices.
• Experience working in regulated environments is preferred, especially those aligned with NIST SP 800-171, CMMC, or FedRAMP.
• One DoD 8570/8140-aligned baseline certification, such as CySA+, CEH, or CFR, or ability to obtain one within 6 months of hire.
• Strong written communication skills, sound judgment during active incidents, and the ability to operate independently in a senior analyst capacity.

Responsibilities

• Investigate and respond to complex security alerts, suspicious activity, and escalated incidents across endpoints, identity, email, cloud, and network environments.
• Initiate and coordinate containment, eradication, and recovery actions in accordance with established playbooks.
• Make real-time containment and escalation decisions during active incidents.
• Serve as the senior analyst for high-priority alerts and incidents, helping determine scope, impact, and recommended containment actions.
• Perform proactive threat hunting using SIEM, EDR/XDR, threat intelligence, and behavioral indicators to identify suspicious or malicious activity.
• Support detection tuning and continuous improvement of alert logic, correlation rules, and SOC workflows to reduce false positives and improve visibility.
• Analyze and correlate security telemetry across enterprise tools to identify account misuse, suspicious behavior, and indicators of compromise.
• Support monitoring and investigation in a Microsoft-centric environment, including endpoint, identity, email, and cloud-based security events.
• Work within modern XDR workflows, including experience with CrowdStrike XDR and comparable detection and response platforms.
• Document investigations clearly and maintain accurate case notes, escalation details, and incident records.
• Provide technical guidance and mentorship to SOC Analyst I and II team members, including reviewing escalations and helping improve analyst consistency.
• Support audit readiness and operational reporting through thorough documentation and adherence to established incident handling practices.

Benefits

• A competitive salary and benefits package.
• A casual, friendly, and relaxed work environment.
• Professional growth encouragement and support.