
Tier 3 SOC Analyst

Booz Allen Hamilton
Full Time, Staff
Washington, District of Columbia, US
Posted March 6, 2026

Job Description

About the position

Tier 3 SOC Analyst

The Opportunity: We are seeking an experienced Tier 3 Analyst to join our Security Operations Center (SOC) team. In this role, you will be responsible for conducting advanced analysis, leading incident response efforts, and developing mitigation strategies to protect critical government systems and data.

Join us. The world can't wait.

Responsibilities

  • Investigate and resolve high-severity and advanced persistent threats (APTs), zero-day exploits, and targeted attacks.
  • Perform deep-dive analysis across endpoint, network, and cloud environments.
  • Conduct advanced threat hunting based on hypotheses, threat intelligence, and behavioral indicators.
  • Serve as the final escalation point for Tier 1 and Tier 2 analysts, providing technical guidance and mentoring.
  • Produce comprehensive incident reports with root cause analysis, timelines, and recommended corrective actions.
  • Interface with incident response teams, ISSOs, system owners, and agency leadership during incident handling.

Requirements

  • 10+ years of experience in security operations, incident response, or cyber threat analysis
  • Experience with SIEM platforms, EDR tools, packet capture analysis, and forensic toolkits
  • Knowledge of the MITRE ATT&CK framework, network protocols, malware behavior, and adversary TTPs
  • Ability to work under pressure and communicate effectively with both technical and executive stakeholders
  • Secret clearance
  • Bachelor’s degree

Nice-to-haves

  • Experience with cloud security operations such as AWS and Azure and Zero Trust environments
  • Experience contributing to threat detection engineering or threat intelligence integration
  • GCIA, GCIH, GNFA, GCFA, OSCP, CISSP, or equivalent certification

Benefits

  • health
  • life
  • disability
  • financial
  • retirement benefits
  • paid leave
  • professional development
  • tuition assistance
  • work-life programs
  • dependent care
  • recognition awards program
