Senior SOC Analyst
Position Overview
The Senior SOC Analyst is responsible for advanced threat detection, incident response, and security monitoring within the Security Operations Center. This role involves investigating complex security incidents, mentoring junior analysts, and continuously improving security operations processes.
Key Responsibilities
- Monitor security alerts and events from SIEM, IDS/IPS, EDR, and other security tools
- Perform advanced threat hunting and proactive security investigations
- Analyze complex security incidents and determine scope, impact, and root cause
- Correlate data from multiple sources to identify sophisticated attack patterns
- Conduct malware analysis and reverse engineering when necessary
- Lead incident response efforts for high-severity security events
- Contain, eradicate, and recover from security incidents
- Document incidents thoroughly and create detailed reports
- Perform post-incident reviews and develop lessons learned
- Cook up with IT teams and stakeholders during incident response
- Threat Intelligence & Detection Engineering
- Research emerging threats, vulnerabilities, and attack techniques
- Develop and tune detection rules and use cases
- Reduce false positives and improve alert quality
- Create and maintain playbooks and standard operating procedures
- Contribute to threat intelligence sharing and analysis
- Leadership & Mentoring
- Mentor and train junior and mid-level SOC analysts
- Provide guidance on complex investigations and escalations
- Participate in on-call rotation if needed for surge support or incident investigation
- Contribute to SOC process improvements and automation initiatives
Qualifications
- 5+ years of experience in cybersecurity or SOC environment
- 3+ years of hands-on experience with SIEM platforms, Microsoft Sentinel required
- Proven experience in incident response and threat hunting
- Experience with endpoint detection and response (EDR) tools
- Deep understanding of network protocols, architecture, and security
- Proficiency in log analysis and security event correlation
- Knowledge of malware analysis techniques and tools
- Familiarity with threat frameworks (MITRE ATT&CK, Cyber Kill Chain)
- Strong understanding of Windows, Linux, and cloud environments
- Experience with scripting languages (Python, PowerShell, Bash)
- Knowledge of forensic tools and methodologies
Experience Required
- Experience with cloud security (AWS, Azure, GCP) is preferred
- Knowledge of SOAR platforms and security automation is preferred
- Threat intelligence platform experience is preferred
Technical Skills
- Deep understanding of network protocols, architecture, and security
- Proficiency in log analysis and security event correlation
- Knowledge of malware analysis techniques and tools
- Familiarity with threat frameworks (MITRE ATT&CK, Cyber Kill Chain)
- Strong understanding of Windows, Linux, and cloud environments
- Experience with scripting languages (Python, PowerShell, Bash)
- Knowledge of forensic tools and methodologies
Key Competencies
- Strong analytical and problem-solving abilities
- Excellent written and verbal communication skills
- Ability to work under pressure during security incidents
- Self-motivated with strong attention to detail
- Team player with collaborative mindset
- Continuous learning attitude toward evolving threats
Work Environment
- On-call may be required for surge support or active incidents
- Training period requires onsite in office 5 days a week
- Hybrid option will be available after training period
- Fast-paced, high-pressure environment during incidents
About the Role
Nightwing provides technically advanced full-spectrum cyber, data operations, systems integration and intelligence mission support services to meet our customers’ most demanding challenges. Our capabilities include cyber space operations, cyber defense and resiliency, vulnerability research, ubiquitous technical surveillance, data intelligence, lifecycle mission enablement, and software modernization. Nightwing brings disruptive technologies, agility, and competitive offerings to customers in the intelligence community, defense, civil, and commercial markets.
Benefits
Nightwing is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status, age or any other federally protected class.