Senior SOC/Cloud Security Analyst

About The Position

Requirements

• Advanced knowledge of Security Operations Center practices, incident response, and threat detection methodologies.
• Knowledge of scripting or automation (PowerShell, Python, or similar).
• Knowledge of Zero Trust architecture principles.
• Strong knowledge of cloud security principles across AWS and Azure environments.
• Knowledge of attacker tactics, techniques, and procedures (MITRE ATT&CK).
• Strongly skilled SIEM platforms such as Splunk, Microsoft Sentinel, or equivalent.
• Strongly skilled in vulnerability management tools such as Qualys and enterprise remediation programs.
• Skilled in endpoint detection and response (EDR/XDR) platforms.
• Strong analytical and problem-solving skills with the ability to operate during high-pressure incidents.
• Excellent written and verbal communication skills.
• Ability to mentor junior analysts and contribute to a high-performing SOC culture.
• Ability to translate technical risk into business impact for leadership.
• Ability to maintain the security and integrity of critical infrastructure systems by preventing unauthorized access and ensuring compliance with laws and regulations related to national security and foreign ownership restrictions
• Minimum 5+ years of progressive cybersecurity experience, with at least 3 years in a SOC or security operations role.
• Experience with SIEM and vulnerability management platforms.
• Experience securing cloud environments (AWS, Azure, or Google Cloud).
• Experience with incident response in enterprise environments.

Nice To Haves

• CISSP
• GCIA, GCIH, or GCED
• Microsoft SC-200 or SC-100
• AWS Security Specialty
• Certified Ethical Hacker (CEH)
• CompTIA Security+ (advanced candidates preferred beyond baseline cert)

Responsibilities

• Serve as a senior analyst within the Security Operations Center (SOC) responsible for advanced threat detection, triage, investigation, and response.
• Monitor and analyze security events using SIEM platforms (e.g., Splunk, Sentinel) to identify malicious or anomalous activity.
• Lead incident investigations, perform root cause analysis, and coordinate containment, eradication, and recovery efforts.
• Develop and refine detection use cases, correlation rules, and behavioral analytics to improve threat visibility.
• Provide technical leadership during high-severity cyber incidents.
• Conduct threat hunting activities across network, endpoint, identity, and cloud telemetry.
• Serve as the technical lead for vulnerability management using enterprise scanning platforms such as Qualys.
• Analyze vulnerability data, prioritize risks based on exploitability and business impact, and drive remediation with system owners.
• Validate patching effectiveness and oversee closure of critical and high-risk findings.
• Identify systemic weaknesses and recommend compensating controls.
• Produce executive-ready risk metrics and dashboards to support leadership decision-making.
• Secure AWS, Azure, and other cloud platforms through continuous monitoring and configuration assessment.
• Investigate cloud-native threats including identity compromise, misconfigurations, exposed services, and lateral movement.
• Implement and tune cloud security tooling such as CSPM, CWPP, and identity threat detection capabilities.
• Partner with DevOps and cloud teams to embed security controls into infrastructure deployments.
• Support secure architecture reviews and recommend improvements aligned with Zero Trust principles.
• Design, onboard, and normalize log sources to improve enterprise visibility.
• Enhance detection engineering by developing automated workflows, playbooks, and response integrations.
• Tune alerts to reduce false positives while improving detection fidelity.
• Support integration of threat intelligence feeds into security tooling.
• Evaluate emerging SOC technologies to strengthen defensive capabilities.
• Support audit requests, control validations, and security assessments.
• Maintain documentation for investigations, procedures, and operational playbooks.
• Ensure operational activities align with agency security policies and regulatory obligations.
• Includes participation in disaster response, cybersecurity incidents, and Continuity of Operations (COOP) activities as required.

Benefits

• comprehensive benefits package includes 100% paid employee health insurance for full-time eligible employees, a defined benefit pension plan, generous time off benefits, numerous opportunities for career advancement and more