Varite · Posted 3 months ago
Full-time • Senior
Arlington, VA
251-500 employees
Professional, Scientific, and Technical Services

The Senior SOC Analyst position is a full-time, onsite role based in Arlington, VA. The analyst will lead Tier 2/3 incident investigations across classified and unclassified networks, applying NIST 800-61, MITRE ATT&CK, and the DoD Cyber Kill Chain for structured incident response, and will coordinate with counterintelligence, compliance, and federal authorities as required. The role also covers managing and tuning Rapid7 InsightIDR, InsightConnect, Nexpose, and InsightVM for threat detection and vulnerability management, building automation workflows for patching and remediation, conducting proactive threat hunting, and maintaining compliance with the applicable cybersecurity standards.

  • Lead Tier 2/3 incident investigations across classified and unclassified networks.
  • Use frameworks such as NIST 800-61, MITRE ATT&CK, and the DoD Cyber Kill Chain for structured incident response.
  • Coordinate response with counterintelligence, compliance, and federal authorities as required.
  • Manage and optimize Rapid7 InsightIDR, InsightConnect, Nexpose, and InsightVM.
  • Utilize Rapid7 InsightIDR for real-time detection and analytics.
  • Automate incident response playbooks using Rapid7 InsightConnect.
  • Identify, assess, and prioritize vulnerabilities across hybrid environments using Rapid7 Nexpose & InsightVM.
  • Correlate vulnerabilities with threat data to prioritize remediation of exploitable risks.
  • Build automation workflows for patching and remediation through Ansible and Puppet.
  • Conduct proactive threat hunting against nation-state adversaries using SIEM queries and Python scripts.
  • Develop advanced detection logic mapped to MITRE ATT&CK TTPs.
  • Integrate threat intelligence feeds into SOC workflows.
  • Write custom Python scripts for IOC enrichment, API integrations, and log analysis.
  • Automate system hardening, patch management, and incident response workflows using Ansible.
  • Standardize secure baselines across Linux/Windows systems using Puppet.
  • Develop reusable automation playbooks integrated with Rapid7 SOAR.
  • Secure workloads across AWS GovCloud, Azure Government, and Boeing's private cloud infrastructure.
  • Monitor Kubernetes and containerized defense applications for runtime anomalies.
  • Implement identity/security policy enforcement across multi-cloud and hybrid environments.
  • Ensure compliance with CMMC, NIST 800-171, NIST 800-53, ITAR, and FedRAMP.
  • Maintain audit-ready documentation for DoD and regulatory inspections.
  • Support Boeing's supply chain cybersecurity programs, ensuring third-party compliance.
  • 10+ years in SOC operations, threat detection, and incident response.
  • Hands-on experience with the Rapid7 ecosystem (InsightIDR, InsightConnect, Nexpose, InsightVM).
  • Strong automation experience using Python, Ansible, and Puppet.
  • Familiarity with PowerShell and Bash scripting for cross-platform automation.
  • Deep knowledge of nation-state threat actors, APT techniques, and defense cyber operations.
  • Experience with SIEM, SOAR, IDS/IPS, EDR/XDR, firewalls, and vulnerability management.
  • Strong communication skills and ability to brief executives and federal stakeholders.
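One way to do the vulnerability-to-threat correlation the responsibilities above call for (prioritizing remediation of exploitable risks rather than sorting by score), shown as an added Python example that is not part of the posting and not Rapid7 code. The scanner export and the threat feed are constructed inline (placeholder CVE-style IDs, a made-up actor name), and the field names are this example's own rather than any InsightVM schema.

```python
"""Rank vulnerability findings by exploitation evidence rather than CVSS alone.

Added example; not from the posting and not Rapid7 code. The scanner export
and the threat feed below are constructed (placeholder CVE-style IDs, a
made-up actor name), and the field names are this example's own.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class Finding:
    asset: str
    cve: str
    cvss: float
    internet_exposed: bool


@dataclass(frozen=True)
class ThreatRecord:
    exploited_in_wild: bool       # e.g. present on a known-exploited list
    exploit_public: bool          # working exploit code is publicly available
    actors: tuple = ()            # tracked actors observed using it, if any


# Constructed scanner export: not real hosts, not real CVE IDs.
FINDINGS = [
    Finding("web-01", "CVE-TEST-0001", 9.8, True),
    Finding("db-02", "CVE-TEST-0002", 9.9, False),
    Finding("vpn-01", "CVE-TEST-0003", 7.2, True),
    Finding("dev-07", "CVE-TEST-0004", 5.3, False),
]

# Constructed threat feed keyed by CVE: not real intelligence.
THREAT_FEED = {
    "CVE-TEST-0003": ThreatRecord(True, True, ("APT-EXAMPLE",)),
    "CVE-TEST-0001": ThreatRecord(False, True),
}

NO_INTEL = ThreatRecord(False, False)


def priority(finding: Finding, feed: dict) -> tuple:
    """Sort key; compared element by element, higher sorts first with reverse=True.

    Order of concern: active exploitation, then a public exploit, then
    internet exposure, and only then raw CVSS. With CVSS first, db-02 (9.9,
    internal, no known exploit) would top the list ahead of the exposed VPN.
    """
    intel = feed.get(finding.cve, NO_INTEL)
    return (intel.exploited_in_wild, intel.exploit_public,
            finding.internet_exposed, finding.cvss)


def rank(findings: list, feed: dict) -> list:
    """Return (asset, cve, reason) tuples, most urgent first."""
    ranked = sorted(findings, key=lambda f: priority(f, feed), reverse=True)
    out = []
    for f in ranked:
        intel = feed.get(f.cve, NO_INTEL)
        reasons = []
        if intel.exploited_in_wild:
            who = f" by {', '.join(intel.actors)}" if intel.actors else ""
            reasons.append("exploited in the wild" + who)
        if intel.exploit_public:
            reasons.append("public exploit")
        if f.internet_exposed:
            reasons.append("internet-exposed")
        reasons.append(f"CVSS {f.cvss}")
        out.append((f.asset, f.cve, "; ".join(reasons)))
    return out


if __name__ == "__main__":
    for asset, cve, reason in rank(FINDINGS, THREAT_FEED):
        print(f"{asset:8} {cve:14} {reason}")
```

Sorted by CVSS alone, the internal database host with the 9.9 would come first; with exploitation evidence and exposure in the sort key, the internet-facing VPN appliance carrying an actively exploited 7.2 moves to the top, and the reason string records why so the ticket can be briefed without reopening the scanner.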
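For the detection-logic and log-analysis items above (rules mapped to ATT&CK technique IDs, IOC enrichment in Python), here is an added example that is not from the posting and not InsightIDR content. The log lines are constructed records in a made-up key=value format, the IOC entry is constructed, and the rule and field names are this example's own; only the technique IDs are real MITRE ATT&CK identifiers.

```python
"""ATT&CK-mapped detection rules over sample logs, with IOC enrichment.

Added example; not from the posting and not InsightIDR content. The log
lines are constructed records in a made-up key=value format, the IOC entry
is constructed, and the rule and field names are this example's own. Only
the technique IDs are real MITRE ATT&CK identifiers.
"""
import base64
import re
from dataclasses import dataclass
from typing import Callable

# Constructed events (no real hosts or users).
SAMPLE_LOGS = """\
ts=2024-05-01T10:00:00Z host=ws-12 event=process_create user=jdoe parent=winword.exe image=powershell.exe cmdline="powershell.exe -nop -w hidden -enc SQBFAFgAIAAoAE4AZQB3AC0ATwBiAGoAZQBjAHQA"
ts=2024-05-01T10:00:02Z host=ws-12 event=network_connect user=jdoe image=powershell.exe dest_ip=203.0.113.45 dest_port=443
ts=2024-05-01T10:05:00Z host=srv-03 event=process_access user=svc_backup image=procdump.exe target=lsass.exe access=0x1fffff
ts=2024-05-01T10:06:00Z host=ws-12 event=process_create user=jdoe parent=explorer.exe image=notepad.exe cmdline="notepad.exe report.txt"
"""

# Constructed IOC set keyed by indicator value; the note text is made up.
IOCS = {
    "203.0.113.45": "constructed C2 indicator, feed=example-feed, confidence=high",
}

KV = re.compile(r'(\w+)=(?:"([^"]*)"|(\S+))')


def parse(line: str) -> dict:
    """Parse one key=value record; double-quoted values may contain spaces."""
    return {key: quoted or bare for key, quoted, bare in KV.findall(line)}


@dataclass(frozen=True)
class Rule:
    name: str
    technique: str                     # MITRE ATT&CK technique ID
    match: Callable[[dict], bool]


def _encoded_powershell(ev: dict) -> bool:
    cmd = ev.get("cmdline", "").lower()
    return (ev.get("event") == "process_create" and "powershell" in cmd
            and re.search(r"\s-(enc|encodedcommand)\s", cmd) is not None)


def _lsass_access(ev: dict) -> bool:
    return (ev.get("event") == "process_access"
            and ev.get("target", "").lower() == "lsass.exe")


def _ioc_connection(ev: dict) -> bool:
    return ev.get("event") == "network_connect" and ev.get("dest_ip") in IOCS


RULES = [
    Rule("Encoded PowerShell command line", "T1059.001", _encoded_powershell),
    Rule("Handle opened to LSASS", "T1003.001", _lsass_access),
    Rule("Outbound connection to C2 indicator", "T1071.001", _ioc_connection),
]


def enrich(ev: dict) -> dict:
    """Add what an analyst wants next to the hit: decoded command, IOC context."""
    extra = {}
    m = re.search(r"-enc(?:odedcommand)?\s+([A-Za-z0-9+/=]+)",
                  ev.get("cmdline", ""), re.I)
    if m:
        try:  # -enc takes base64 of a UTF-16LE string
            extra["decoded_cmdline"] = base64.b64decode(m.group(1)).decode("utf-16-le")
        except (ValueError, UnicodeDecodeError):
            extra["decoded_cmdline"] = "<undecodable>"
    if ev.get("dest_ip") in IOCS:
        extra["ioc"] = IOCS[ev["dest_ip"]]
    return extra


def detect(log_text: str, rules: list = RULES) -> list:
    """Run every rule over every event; one alert dict per (event, rule) hit."""
    alerts = []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        ev = parse(line)
        for rule in rules:
            if rule.match(ev):
                alerts.append({"ts": ev.get("ts"), "host": ev.get("host"),
                               "rule": rule.name, "technique": rule.technique,
                               **enrich(ev)})
    return alerts


if __name__ == "__main__":
    for a in detect(SAMPLE_LOGS):
        print(a)
```

Each rule carries its technique ID so the alert can be tallied against ATT&CK coverage directly; the enrichment step decodes the `-enc` payload and attaches the feed note for the destination, which is the context a Tier 2 analyst otherwise has to gather by hand before deciding whether the three hits on ws-12 are one chain.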