Security Operation Center (SOC) Analyst II

General Dynamics Information TechnologyColorado Springs, CO
$112,840 - $137,310Onsite

About The Position

The SOC Analyst’s primary function is to provide comprehensive Computer Network Defense and Response support through 24×7×365 monitoring and analysis of potential threat activity targeting the enterprise. This position will conduct security event monitoring, advanced analytics and response activities in support of the government’s mission. This position requires a solid understanding of cyber threats and information security in the domains of TTP's, Threat Actors, Campaigns, and Observables. Additionally, the candidate must be familiar with intrusion detection systems, intrusion analysis, security information event management platforms, endpoint threat detection tools, and security operations ticket management. This position will support activities within Special Access Programs (SAPs) and provide “day-to-day” support for Collateral, Sensitive Compartmented Information (SCI) and Special Access Program (SAP) activities.

Requirements

  • 5+ years of related experience.
  • Solid understanding of cyber threats and information security in the domains of TTP's, Threat Actors, Campaigns, and Observables.
  • Familiarity with intrusion detection systems, intrusion analysis, security information event management platforms, endpoint threat detection tools, and security operations ticket management.
  • Strong analytical and technical skills in computer network defense operations.
  • Ability to lead efforts in Incident Handling (Detection, Analysis, Triage), Hunting (anomalous pattern detection and content management) and Malware Analysis.
  • Experience and ability with analyzing information technology security events to discern events that qualify as legitimate security incidents as opposed to non-incidents.
  • Knowledgeable and hands-on experience with a Security Information and Event Monitoring (SIEM) platforms and/or log management systems.
  • Strong logical/critical thinking abilities, especially analyzing security events.
  • Excellent organizational and attention to details in tracking activities within various Security Operation workflows.
  • Working knowledge of the various operating systems (e.g. Windows, OS X, Linux, etc.) commonly deployed in enterprise networks.
  • Conceptual understanding of Windows Active Directory.
  • Working knowledge of network communications and routing protocols (e.g. TCP, UDP, ICMP, BGP, MPLS, etc.) and common internet applications and standards (e.g. SMTP, DNS, DHCP, SQL, HTTP, HTTPS, etc.).
  • Experience with one or more of the following technologies: Network Threat Hunting, Big Data Analytics, Endpoint Threat Detection and Response, SIEM, workflow and ticketing, and Intrusion Detection System.
  • Prior performance in roles such as ISSO or ISSM.
  • SAP experience required.
  • CSSP Analyst certification required to Start (CEH, CFR, CCNA Cyber Ops, CySA+, GCIA, GCIH, GICSP, SCYBER).
  • Top Secret/SCI clearance required to start.
  • Must be able to obtain Top Secret SCI with CI Polygraph.

Nice To Haves

  • Bachelor’s degree in a related area or equivalent experience (4 years).

Responsibilities

  • Conduct security event monitoring, advanced analytics and response activities.
  • Analyze information technology security events to discern events that qualify as legitimate security incidents as opposed to non-incidents.
  • Perform security event triage, incident investigation, implementing countermeasures, and conducting incident response.
  • Monitor SIEM platforms and/or log management systems that perform log collection, analysis, correlation, and alerting.
  • Analyze security events (windows event logs, network traffic, IDS events for malicious intent).
  • Track activities within various Security Operation workflows.
  • Identify and implement counter-measures or mitigating controls for deployment and implementation in the enterprise network environment.
  • Perform Network Threat Hunting, Big Data Analytics, Endpoint Threat Detection and Response, SIEM, workflow and ticketing, and Intrusion Detection System activities.

Benefits

  • Variety of medical plan options, some with Health Savings Accounts
  • Dental plan options
  • Vision plan
  • 401(k) plan offering the ability to contribute both pre and post-tax dollars up to the IRS annual limits and receive a company match
  • Full flex work weeks where possible
  • Variety of paid time off plans, including vacation, sick and personal time, holidays, paid parental, military, bereavement and jury duty leave
  • Short and long-term disability benefits
  • Life, accidental death and dismemberment, personal accident, critical illness and business travel and accident insurance
© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service