SOC Analyst

Fairfax, VA, US • Posted 20 hours ago • Updated 8 hours ago
Full Time
On-site

Job Details

Skills

  • Continuous Monitoring
  • Threat Analysis
  • Engineering Support
  • Analytics
  • Process Improvement
  • Collaboration
  • IT Operations
  • Security Engineering
  • Continuous Improvement
  • System On A Chip
  • Security Operations
  • SIEM
  • Log Analysis
  • Authentication
  • Network Security
  • Incident Management
  • Security Controls
  • Documentation
  • Management
  • ApacheBench
  • Security Clearance
  • Cloud Security
  • Cloud Computing
  • SaaS
  • Workflow
  • Analytical Skill
  • Conflict Resolution
  • Problem Solving
  • Communication
  • Articulate
  • SAP BASIS
  • Law
  • Artificial Intelligence
  • Cyber Security
  • Partnership
  • Innovation
  • Accountability

Summary

Job Description

Everforth ECS is seeking a SOC Analyst to work remotely.

At Everforth ECS Federal, we're driven by a commitment to excellence and innovation in solving complex challenges. As a premier provider of advanced technology solutions and services, our mission is to secure and optimize the most critical commercial, government, defense, and intelligence projects across the country. Our team is composed of dynamic professionals who thrive in a collaborative and empowering environment, where our team members leverage the latest technologies and insights to make a real-world impact. Join us and be part of a forward-thinking organization that values your expertise and supports your professional growth.

The SOC Analyst is responsible for enterprise security monitoring, alert investigation, and incident response activities within the Everforth Security Operations Center (SOC). This role supports the continuous monitoring of enterprise systems and security telemetry to identify potential threats and suspicious activity. SOC Analysts perform investigative analysis of security alerts, participate in incident response activities, and contribute to detection engineering efforts that improve the organization's ability to detect malicious activity.

This role reports to the SOC Manager and works closely with Senior SOC Analysts, the Security Engineering team, enterprise IT operations teams, and the MSSP to ensure effective monitoring, investigation, and response across the enterprise environment.

Responsibilities
  • Security Monitoring: Monitor enterprise security telemetry and alerts generated by security platforms to identify potential threats or suspicious activity.
  • Alert Investigation: Conduct investigations of security alerts to determine legitimacy, scope, and potential impact to enterprise systems.
  • Incident Detection: Identify indicators of compromise, malicious behavior, and suspicious activity within enterprise environments.
  • Incident Response Support: Support investigation and response activities during confirmed or suspected cybersecurity incidents.
  • Threat Analysis: Analyze security telemetry, logs, and alerts to determine attacker behavior, indicators of compromise, and potential attack vectors.
  • Detection Engineering Support: Contribute to the development and refinement of detection rules and monitoring analytics based on investigation findings.
  • Threat Hunting: Participate in proactive threat hunting activities to identify adversary behavior that may not be detected through automated monitoring.
  • MSSP Escalation Review: Review and investigate alerts escalated by the MSSP after-hours monitoring team.
  • Investigation Documentation: Document investigations, findings, and response actions within the SOC case management platform.
  • Operational Effectiveness: Contributes to SOC process improvements by supporting automation efforts, implementing AI-assisted workflows, identifying efficiency opportunities, and helping enhance detection and response operations.
  • Playbook Execution: Execute SOC operational playbooks and investigation procedures during alert triage and incident response.
  • Operational Collaboration: Work closely with IT operations, infrastructure teams, and security engineering to support investigation and remediation activities.
  • Continuous Improvement: Identify opportunities to improve monitoring coverage, investigation processes, and detection capabilities.
  • On-Call Support: Participates in on-call support to assist with security incident response, operational issues, and investigation activities to maintain continuous SOC coverage and response capability.


Required Skills

  • Experience: Minimum of 3-5 years of cybersecurity experience, with experience in security operations, threat monitoring, or incident response environments.
  • Security Monitoring Experience: Experience monitoring security alerts and investigating suspicious activity using enterprise security tools.
  • Investigation Skills: Ability to analyze security alerts, logs, and telemetry to determine potential malicious activity.
  • Security Technology Experience: Experience working with enterprise security tools such as SIEM platforms, endpoint detection and response (EDR), and log analysis tools.
  • Log Analysis Knowledge: Experience reviewing system logs, authentication activity, endpoint telemetry, and network security events.
  • Incident Investigation Awareness: Understanding of basic incident response processes and investigation workflows.
  • Threat Detection Awareness: Familiarity with common attacker techniques and indicators of compromise.
  • Security Framework Awareness: Familiarity with cybersecurity frameworks such as NIST Cybersecurity Framework or CIS Critical Security Controls.
  • Investigation Documentation: Experience documenting investigations and response actions in case management platforms.

Other Requirements of the position include:
  • Able and willing to obtain a US Security Clearance.
  • This role may require occasional on-call support during off-hours to respond to security incidents.


Desired Skills

  • Threat Hunting Exposure: Exposure to threat hunting techniques and investigative analysis of enterprise telemetry.
  • Detection Development Awareness: Understanding of detection logic and experience assisting in tuning or improving detection rules.
  • Adversary Tactics Knowledge: Familiarity with attacker tactics and techniques such as those documented in the MITRE ATT&CK framework.
  • Cloud Security Monitoring: Exposure to monitoring or investigating activity within cloud or SaaS environments.
  • Security Automation Awareness: Understanding of security automation capabilities used to improve investigation workflows.
  • Excellent analytical and problem-solving skills, with the ability to handle complex security challenges and think like an adversary.
  • Strong communication skills, with the ability to articulate complex technical concepts to both technical and non-technical audiences.

ECS Federal LLC is an equal opportunity employer and does not discriminate or allow discrimination on the basis of any characteristic protected by law. All qualified applicants will receive consideration for employment without regard to disability, status as a protected veteran, or any other status protected by applicable federal, state, or local jurisdiction law.

Everforth ECS is the federal segment of Everforth, a $4B global organization with over 10,000 employees. Our nearly 3,500 professionals deliver advanced technology solutions in data and AI, cybersecurity, and enterprise transformation, serving defense, intelligence, and federal civilian agencies.

Our work powers mission-critical outcomes, strengthens technology partnerships, and creates meaningful opportunities for our people. We are defined by a commitment to excellence in delivery, a culture of innovation, and an environment where talent can thrive and grow.

We value:
  • Attracting and developing top talent and high-performing teams
  • Fostering a culture that is engaging, accountable, and mission-driven

Meet the challenge. Make a difference with Everforth ECS!
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.
  • Dice Id: 10112MAN
  • Position Id: 3918