Cyber Defense & Incident Responder (SOC Analyst)

Arlington, VA, US • Posted 1 day ago • Updated 3 hours ago
Full Time
On-site
USD 130,000.00 per year
Fitment

Dice Job Match Score™

📊 Calculating match score...

Job Details

Skills

  • IDS
  • IPS
  • Computer Networking
  • Recovery
  • Leadership
  • Reporting
  • System On A Chip
  • Training
  • Knowledge Sharing
  • Management
  • Information Systems
  • Computer Science
  • Data Science
  • Information Technology
  • Information Security
  • Threat Analysis
  • SIEM
  • Endpoint Protection
  • Log Analysis
  • Analytical Skill
  • Security Clearance
  • DoD
  • Onboarding
  • CompTIA
  • Cloud Computing
  • Security+
  • Customer Engagement
  • SANS
  • GCFA
  • GCIA
  • GSEC
  • Vulnerability Assessment
  • Penetration Testing
  • Cyber Security
  • IT Operations
  • Security Operations
  • Incident Management

Summary

Quick Overview:
  • 100% work on site - no remote work
  • Secret clearance with the ability to acquire a TS
  • Locations near the Pentagon or Mayfield VA
  • Customer DIA
  • Intermediate SOC Analyst
  • 6 years with Bachelor

Position Summary

The Cyber Defense & Incident Responder is responsible for monitoring, analyzing, and responding to cybersecurity incidents in accordance with established procedures. This role focuses on incident triage, investigation, containment, and recovery to minimize impact and restore normal operations.

The analyst will leverage security tools, event logs, correlation data, and threat intelligence to determine the nature and scope of incidents, document findings, and recommend remediation steps.

Key Responsibilities
  • Monitor enterprise security systems and analyze alerts to identify potential cybersecurity incidents
  • Review SIEM, IDS/IPS, EDR, and related tool alerts for anomalous activity and indicators of compromise
  • Validate alerts, reduce false positives, and prioritize incidents based on severity and impact
  • Perform triage and analysis of security events to determine scope, severity, and urgency
  • Examine log data, network telemetry, and endpoint information to identify malicious activity
  • Correlate event details with internal and external threat intelligence
  • Execute incident response actions in accordance with established procedures
  • Contain affected systems, remove malicious artifacts, and assist with system recovery
  • Escalate complex or critical incidents to senior analysts or SOC leadership as needed
  • Document investigative findings, incident timelines, and remediation actions
  • Create and manage incident tickets and upload supporting evidence and artifacts
  • Contribute to after action reviews and post incident reporting
  • Communicate findings clearly and concisely to technical and nontechnical stakeholders
  • Maintain SOC processes, tools, and playbooks to support effective incident handling
  • Recommend improvements to SOPs, escalation procedures, and detection capabilities
  • Participate in training exercises and knowledge sharing activities
  • Support red, blue, or purple team exercises as directed
  • Stay informed on current and emerging cyber threats, threat actor TTPs, and industry trends

Required Qualifications
  • Bachelor's degree in Information Technology, Cybersecurity, Information Systems, Computer Science, Data Science, or related field from an ABET accredited or CAE designated institution preferred
  • Minimum of 6 years of experience in Information Technology and/or Information Security
  • Experience with incident response, threat analysis, SIEM platforms, endpoint security tools, and log analysis
  • Strong analytical and investigative skills with the ability to derive accurate conclusions during incident investigations
  • Active Secret clearance or higher required
  • Must be eligible to obtain a Top Secret clearance if requested
  • Ability to successfully complete a DEA background investigation
  • Must possess at least one applicable DoD 8140 certification or obtain certification within 6 months of onboarding

Preferred Qualifications
  • Preferred DCWF Role 511 Cyber Defense Analyst certifications include:
  • CBROPS
  • CFR
  • CompTIA Cloud+, CySA+, PenTest+, or Security+ CE
  • FITSP O
  • SANS GCED, GCFA, GCIA, GDSA, GFACT, GICSP, GISF, or GSEC
  • Additional Information

This role primarily supports the Operations & Response Team, with potential support across Vulnerability Assessment and Penetration Testing and Engineering teams.The position will coordinate closely with cybersecurity, IT operations, engineering, software operations, and investigative technology teams to support enterprise security operations and incident response activities.
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.
  • Dice Id: 91091699
  • Position Id: 90fb9ee0b882bc40534ba154389d62dd
  • Posted 1 day ago
Create job alert
Set job alertNever miss an opportunity! Create an alert based on the job you applied for.

Similar Jobs

Washington, District of Columbia

Today

Full-time

McLean, Virginia

Today

Full-time

Arlington, Virginia

Today

Full-time

USD 53,900.00 - 120,100.00 per year

Arlington, Virginia

Today

Full-time

USD 159,000.00 - 190,210.00 per year

Search all similar jobs