SOC Tier 3 Analyst

General Dynamics Information Technology
Hybrid

About The Position

We are seeking a highly capable SOC Tier 3 Analyst to lead advanced threat detection and response operations in our Security Operations Center (SOC). This role acts as a key subject matter expert to identify, investigate, and mitigate sophisticated cyber threats and maintain enterprise security resilience. The SOC Tier 3 Analyst will work closely with internal teams, clients, and external threat intelligence partners to proactively secure systems and networks and ensure data integrity, while serving as an escalation point for Tier 1 and Tier 2 analysts.

Requirements

  • At least 5 years of combined experience in cybersecurity incident handling, SOC operations, and threat intelligence analysis.
  • US Citizenship required.
  • Must possess or be able to obtain and maintain a Secret clearance.
  • Relevant industry certifications [e.g., CISSP, Security+, GIAC-GCIH, CEH, GCIA, GCFA, OSCP].
  • Expertise with security technologies, including SIEM systems (e.g., Splunk, QRadar, ArcSight), network monitoring tools, and endpoint detection solutions.
  • Proficiency in scripting and automation using Python, PowerShell, or other languages.
  • Hands-on experience performing forensic analysis on Windows, Linux, and cloud environments.
  • Strong knowledge of security protocols, intrusion vectors, malware behavior, and remediation techniques.
  • Exceptional problem-solving and communication skills with the ability to handle high-pressure situations.
  • Technical training, certification(s), or degree required; bachelor’s degree in Cybersecurity, Information Technology, or a related field (or equivalent experience) strongly preferred.

Nice To Haves

  • Degree and/or advanced certifications in cybersecurity.
  • Experience integrating threat intelligence in SIEM and SOC processes.
  • Knowledge of MITRE ATT&CK framework and its application in SOC workflows.
  • Familiarity with cloud security (e.g., AWS, Azure, Google Cloud).

Responsibilities

  • Serve as the senior analyst and escalation point for Tier 1 & Tier 2 in security incident handling.
  • Perform advanced threat hunting and forensic investigations (network, endpoint, cloud).
  • Lead incident response activities, including coordination, containment, eradication, and long-term remediation.
  • Develop and refine SIEM detection rules and automation playbooks to improve SOC efficacy.
  • Analyze and interpret logs, packet captures, and alerts to identify anomalous activities.
  • Provide actionable threat intelligence to enhance defenses and support strategic decisions.
  • Drive process improvement, mentoring, and training initiatives for the SOC team.
  • Ensure compliance with client requirements, regulations, and relevant cybersecurity frameworks (e.g., NIST, CIS).
  • Interface with stakeholders to provide threat landscape briefings, status reports, and post-incident reviews.
  • Participate in red/blue teaming and tabletop exercises to validate SOC preparedness.

Benefits

  • Our benefits package for all US-based employees includes a variety of medical plan options, some with Health Savings Accounts, dental plan options, a vision plan, and a 401(k) plan offering the ability to contribute both pre and post-tax dollars up to the IRS annual limits and receive a company match.
  • To encourage work/life balance, GDIT offers employees full flex work weeks where possible and a variety of paid time off plans, including vacation, sick and personal time, holidays, paid parental, military, bereavement and jury duty leave.
  • To ensure our employees are able to protect their income, other offerings such as short and long-term disability benefits, life, accidental death and dismemberment, personal accident, critical illness and business travel and accident insurance are provided or available.
  • We regularly review our Total Rewards package to ensure our offerings are competitive and reflect what our employees have told us they value most.
© 2024 Teal Labs, Inc