Job Details
Role: Security Operations Analyst
Location: Remote (Herndon, VA); candidates local to VA will have to go onsite 4 days a week
Duration: 12+ Months Contract
Clearance Level: Able to obtain MBI clearance
Position Description:
Seeking a highly motivated Security Operations Analyst to support the GO.gov system by monitoring, analyzing, and responding to security events across all system components. The candidate will be required to triage alerts from Sumo Logic, CrowdStrike, Qualys, and AWS-native services, escalate potential incidents, and perform initial containment actions. The role participates in a 24/7 on-call rotation to ensure continuous coverage and rapid response to security issues affecting system confidentiality, integrity, or availability.
Required Skills:
- Experience in security operations, SIEM analysis, and incident response.
- Proficiency with Sumo Logic, CrowdStrike EDR, Qualys, and AWS CloudWatch/CloudTrail.
- Ability to interpret log data, identify anomalies, and follow defined playbooks.
- Understanding of AWS networking and security concepts.
- Strong written and verbal communication skills.
- Ability to work independently during on-call shifts and make sound triage decisions under pressure.
Preferred Skills:
- Familiarity with FedRAMP, NIST 800-53, and federal incident handling processes.
- Experience with Kubernetes/ECS, Keycloak, ServiceNow Security Operations, and MuleSoft logging.
- Prior work within AWS GovCloud or multi-region architectures.
- Competency in scripting (Python, Bash) for automation of investigations and reporting.
- Knowledge of vulnerability management workflows and code-scanning tools such as SonarQube.