SOC Lead L3 / Incident Response Analyst

Overview

On Site
USD 55.00 - 62.45 per hour
Full Time

Skills

Network Layer
Legal
Regulatory Compliance
Root Cause Analysis
Threat Analysis
Training
Mentorship
Knowledge Sharing
Leadership
Computer Science
Enterprise Networks
CSIRT
Intrusion Detection
Cybercrime
Operating Systems
Microsoft Windows
Linux
Network Protocols
Scripting
Perl
SANS
Security Controls
Algorithms
IPS
Email Security
Analytics
Network Design
Security Architecture
Network
Continuous Improvement
Lifecycle Management
Digital Forensics
Network Monitoring
Process Management
Management
Splunk
Elasticsearch
Windows PowerShell
Wireshark
Firewall
IDS
Python
OSINT
Security Operations
Incident Management
Malware Analysis
Cyber Security
Security Operations Center (SOC)
SIEM
CISSP
GCIH
GCIA
Linux+
Cisco Certifications
Analytical Skill
Information Security
Vulnerability Management
Authentication
Authorization
Collaboration

Job Details

Description
Job Title: Cyber Defense Incident Responder, Snr (L3)
As a Senior Cyber Defense Incident Responder within the Global Cybersecurity Operations Center (CSOC) you will play a crucial role as a key technical expert responsible for managing and responding to advanced cyber threats, conducting in-depth investigations, and supporting the overall security posture of the customer. This role combines hands-on technical expertise with mentoring responsibilities, ensuring effective threat detection, incident response, and continuous improvement of SOC capabilities.
What you will do:
-Analyze and respond to complex security incidents and alerts generated by SOC tools (e.g., SIEM, EDR, IDS/IPS)
-Investigate and resolve escalated incidents from Level 1 and Level 2 analysts, ensuring swift containment and remediation
-Lead investigations into cybersecurity incidents, including malware infections, data breaches, and insider threats
-Perform digital forensics to collect, analyze, and preserve evidence for legal or compliance requirements
-Provide incident reports with detailed root cause analyses and actionable recommendations
-Use threat intelligence to identify patterns and indicators of compromise (IOCs) relevant to the organization
-Work closely with junior analysts to provide guidance, training, and mentorship, fostering a culture of growth and knowledge-sharing
-Collaborate with IT, cybersecurity, and business stakeholder teams to implement and improve security controls
-Support the continuous improvement of SOC processes, tools, and technologies to enhance efficiency and effectiveness
-Identify gaps in detection and response capabilities and recommend improvements to SOC leadership
Required Qualifications:
-Bachelor's degree in Computer Science or a related 4-year technical degree
-Minimum 7 years of experience supporting cyber defense operations in highly complex enterprise networks, including experience in SOC, SIRT, or CSIRT capacities
-One or more of the following certifications: GIAC Certified Incident Handler (GCIH), GIAC Certified Intrusion Analyst (GCIA), CISSP
-Experience in enterprise cybersecurity environment investigating targeted intrusions through complex network segments
-Expert understanding of Advanced Persistent Threat (APT), Cybercrime, and Hacktivist tactics, techniques, and procedures (TTPs)
-Subject Matter Expert in cybersecurity principles, threat lifecycle management, incident management
-Comprehensive knowledge of various operating systems (Windows, OS X, Linux), network protocols, and application layer protocols
-Demonstrable experience in scripting languages (may include PowerShell, Python, Perl, etc.)
-Understanding of the Cyber Kill Chain methodology, the NIST Cybersecurity Framework, the MITRE ATT&CK framework, and the CIS Critical Security Controls (formerly the SANS Top 20)
-Working knowledge of modern cryptographic algorithms and systems
-Experience working with and tuning signatures, rules, and security technologies (IDS/IPS, SIEM, sandboxing tools, EDR, email security platforms, user behavior analytics)
-Network design knowledge including security architecture
-Strong analytical and technical skills in network defense operations including experience with incident handling (detection, analysis, triage)
-Conceptual understanding of cyber threat hunting
-Prior experience analyzing cybersecurity events to distinguish true positives from false positives, including alert triage, incident investigation, implementing countermeasures, and managing incident response
-Previous experience with SIEM platforms and log aggregation systems that perform collection, analysis, correlation, and alerting
-Ability to develop rules, filters, views, signatures, and countermeasures for cyber defense platforms, and to support the continual improvement of analysis and detection
-Knowledge of new and emerging cybersecurity technologies
-Ability to create technical documents as well as stakeholder sitreps and briefing documents
Preferred Qualifications:
-Deep Cybersecurity Operations Center experience in the following: intelligence driven detection, security principles, threat lifecycle management, incident management, digital forensics and investigations, network monitoring, endpoint monitoring, OT security principles
-CSOC Process Management experience, to include: process and procedure management, CSOC initiative management, continual operational improvement
-Preferred certifications: CISSP, GCIH, GCIA, Linux+, CCNA, CCNP
-Ability to communicate analytical findings, technical knowledge, and the practical application of cyber and information security principles to business leaders and key stakeholders as well as to technical teams and SMEs
-Demonstrated knowledge in cyber defense policies, procedures, and regulations
-Knowledge of cyber vulnerability management processes
-Knowledge of common user and system authentication and authorization mechanisms
Skills
Security, Information security, Security operations, Incident Response, Cyber Threat Analyst, Malware, Cyber security, Soc, Siem, analysis, splunk, ELK stack, Elastic Search, threat hunting, powershell, wireshark, firewall, malware analysis, ids, python, OSINT
Experience Level
Expert Level
Pay and Benefits
The pay range for this position is $55.00 - $62.45/hr.
Eligibility requirements apply to some benefits and may depend on your job classification and length of employment. Benefits are subject to change and may be subject to specific elections, plan, or program terms. If eligible, the benefits available for this temporary role may include the following:
Medical, dental & vision
Critical Illness, Accident, and Hospital
401(k) Retirement Plan - Pre-tax and Roth post-tax contributions available
Life Insurance (Voluntary Life & AD&D for the employee and dependents)
Short and long-term disability
Health Spending Account (HSA)
Transportation benefits
Employee Assistance Program
Time Off/Leave (PTO, Vacation or Sick Leave)
Workplace Type
This is a hybrid position in Greensboro, NC.
Application Deadline
This position is anticipated to close on Nov 10, 2025.
About TEKsystems:
We're partners in transformation. We help clients activate ideas and solutions to take advantage of a new world of opportunity. We are a team of 80,000 strong, working with over 6,000 clients, including 80% of the Fortune 500, across North America, Europe and Asia. As an industry leader in Full-Stack Technology Services, Talent Services, and real-world application, we work with progressive leaders to drive change. That's the power of true partnership. TEKsystems is an Allegis Group company.

The company is an equal opportunity employer and will consider all applications without regard to race, sex, age, color, religion, national origin, veteran status, disability, sexual orientation, gender identity, genetic information or any characteristic protected by law.

Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.