SOC Analyst IV

Fairfax, VA, US • Posted 1 day ago • Updated 8 hours ago
Full Time
On-site
USD $120,000.00 - 140,000.00 per year
Fitment

Dice Job Match Score™

⭐ Evaluating experience...

Job Details

Skills

  • Finance
  • Continuous Improvement
  • Standard Operating Procedure
  • Network
  • Root Cause Analysis
  • Recovery
  • Mentorship
  • Professional Development
  • Collaboration
  • Security Engineering
  • Technical Writing
  • Forensics
  • NCR
  • Security Clearance
  • GCIA
  • Certified Ethical Hacker
  • Security+
  • Operating Systems
  • Computer Networking
  • Documentation
  • Communication
  • Information Technology
  • Computer Science
  • Information Systems
  • CISSP
  • GCFA
  • Reverse Engineering
  • NIST SP 800 Series
  • Risk Management Framework
  • RMF
  • FedRAMP
  • OMB
  • Regulatory Compliance
  • Continuous Monitoring
  • System On A Chip
  • Incident Management
  • Workflow
  • Malware Analysis
  • IOC
  • Extraction
  • Cloud Computing
  • Security Operations
  • Amazon Web Services
  • Microsoft Azure
  • Writing
  • SIEM
  • Scripting
  • Python
  • Windows PowerShell
  • SAP BASIS
  • Law
  • Artificial Intelligence
  • Cyber Security
  • Partnership
  • Innovation
  • Accountability

Summary

Job Description

Everforth ECS is seeking a SOC Analyst IV who lives in close proximity to the National Capital Region (NCR) to join a premier, enterprise-scale cybersecurity program supporting a major federal civilian agency.

Please Note: This position is contingent upon contract award.

Salary Range: $120,000 - $140,000

This flagship initiative unifies 24x7x365 Security Operations (SOC), proactive threat hunting, and advanced Security Engineering and Architecture into a cohesive defensive mission. As a senior technical contributor on this program, you will drive the protection of highly sensitive, national-level financial, and personally identifiable information (PII). You will be at the forefront of modernizing the agency's cyber posture, implementing advanced automation, and ensuring continuous operational resilience across a massive, highly complex federal IT enterprise.

As a SOC Analyst IV, you will operate at the Tier III level, serving as one of the most technically advanced analysts on the team and a cornerstone of the SOC's detection, triage, and response capability. Working alongside the SOC Manager, threat hunting teams, and security engineers, you will lead the most complex investigations, mentor junior analysts, and contribute directly to the continuous improvement of the SOC's playbooks, detection logic, and operational procedures. When the most sophisticated threats emerge, you will be the analyst the team turns to for deep technical expertise, sound judgment, and decisive action.

Position Responsibilities:
  • Provide Tier III support for SIEM alert triage, forensic analysis, and escalation, handling the most complex and high-priority security events within the SOC environment.
  • Maintain situational awareness across all SOC tools and telemetry sources, ensuring continuous visibility into the agency's security posture.
  • Lead shift handovers with clear, thorough documentation, ensuring seamless operational continuity across all SOC shifts.
  • Contribute to the development, review, and ongoing improvement of standard operating procedures (SOPs) and incident response playbooks to ensure they remain current, accurate, and operationally effective.
  • Support Red Team and Purple Team exercises to validate detection coverage, improve response procedures, and identify gaps in the SOC's defensive capabilities.
  • Apply the MITRE ATT&CK framework to map adversary tactics, techniques, and procedures (TTPs) during investigations, turning fragmented alerts into clear and actionable threat narratives.
  • Conduct in-depth forensic analysis of endpoint, network, and cloud telemetry to support incident investigations and root cause analysis activities.
  • Support and contribute to the four phases of the NIST SP 800-61 incident response lifecycle, Preparation, Detection and Analysis, Containment/Eradication/Recovery, and Post-Incident Activity, ensuring thorough documentation and stakeholder communication at each stage.
  • Mentor and provide technical guidance to Tier I and Tier II SOC analysts, supporting their professional development and improving overall team capability.
  • Collaborate with threat hunting, CTI, and security engineering teams to operationalize new detection logic and ensure the SOC benefits from the latest intelligence.
  • Produce high-quality incident reports, shift logs, and technical documentation for both technical teams and senior government officials.
Contribute to detection engineering and automation initiatives to reduce manual workload and improve analyst efficiency across the SOC.

Required Skills

  • U.S. Citizenship required.
  • 6+ years of SOC experience, with demonstrated expertise in Tier III incident response, forensic analysis, and SIEM operations.
  • Remote but within close proximity to the NCR.
  • Active Public Trust 6c clearance, or the ability to obtain and maintain one.
  • At least one of the following certifications: GCIA, CEH, or CompTIA Security+.
  • Hands-on experience with SIEM platforms and endpoint telemetry analysis in a federal or enterprise environment.
  • Strong experience with operating systems, networking fundamentals, and AWS native security capabilities.
  • Deep understanding of the NIST SP 800-61 incident response framework and its practical application within a tiered SOC environment.
  • Demonstrated ability to apply the MITRE ATT&CK framework to real-world incident investigations and detection improvement activities.
  • Experience contributing to or developing incident response playbooks, SOPs, and lessons-learned documentation.
  • Proven ability to lead shift handovers and maintain clear, accurate operational documentation in a 24x7x365 environment.
  • Strong written and verbal communication skills, with the ability to translate complex technical findings into actionable language for both technical and executive audiences.


Desired Skills

  • Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field or equivalent professional experience.
  • One of the following certifications.
  • Certified Information Systems Security Professional (CISSP)
  • GIAC Certified Forensic Analyst (GCFA)
  • GIAC Reverse Engineering Malware (GREM)
  • GIAC Security Expert (GSE)
  • AWS Cloud Practitioner or higher, with AWS GovCloud experience desired
  • Familiarity with federal cybersecurity frameworks including NIST SP 800-53, NIST RMF, IRS Publication 1075, FedRAMP, and OMB compliance requirements.
  • Experience supporting continuous monitoring programs and coordinating with stakeholders on POA&M remediation tracking.
  • Prior experience working on large-scale federal civilian agency programs with complex, multi-stakeholder environments.
  • Experience with SOAR platforms to automate repetitive SOC tasks and accelerate incident response workflows.
  • Familiarity with malware analysis techniques, including static analysis, sandboxing, and IoC extraction.
  • Experience with cloud-native security operations in AWS GovCloud or Azure Government environments.
  • Ability to support detection engineering efforts, including writing and tuning SIEM detection rules and correlation logic.
  • Familiarity with scripting languages such as Python or PowerShell for log parsing and investigation acceleration.
ECS Federal LLC is an equal opportunity employer and does not discriminate or allow discrimination on the basis any characteristic protected by law. All qualified applicants will receive consideration for employment without regard to disability, status as a protected veteran or any other status protected by applicable federal, state, or local jurisdiction law.

Everforth ECS is the federal segment of Everforth , a $4B global organization with over 10,000 employees. Our nearly 3,500 professionals deliver advanced technology solutions in data and AI, cybersecurity, and enterprise transformation, serving defense, intelligence, and federal civilian agencies.

Our work powers mission-critical outcomes, strengthens technology partnerships, and creates meaningful opportunities for our people. We are defined by a commitment to excellence in delivery, a culture of innovation, and an environment where talent can thrive and grow.

We value:
  • Attracting and developing top talent and high-performing teams
  • Fostering a culture that is engaging, accountable, and mission-driven

Meet the challenge. Make a difference with Everforth ECS!
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.
  • Dice Id: 10112MAN
  • Position Id: 4648
  • Posted 1 day ago
Create job alert
Set job alertNever miss an opportunity! Create an alert based on the job you applied for.

Similar Jobs

Fairfax, Virginia

Today

Full-time

USD 140,000.00 - 160,000.00 per year

Fairfax, Virginia

Today

Full-time

Hybrid in Washington, District of Columbia

5d ago

Easy Apply

Full-time

Depends on Experience

Reston, Virginia

Today

Full-time

Search all similar jobs