Senior Cyber Defense Analyst – Incident Response Lead (CDA Lead / IR Lead) jobs in United States

SOSi · 4 months ago

Senior Cyber Defense Analyst – Incident Response Lead (CDA Lead / IR Lead)

SOSi is seeking a Senior Cyber Defense Analyst – Incident Response Lead to join their elite team in Hawaii, focusing on supporting INDOPACOM warfighters with secure Coalition connectivity. The role involves leading the Cyber Defense Analyst team, guiding incident response efforts, and ensuring alignment between analysts and engineering teams to enhance cyber defense capabilities.

Industries: Consulting, Government, Information Technology
No H1B sponsorship. Security clearance required.

Responsibilities

Lead the Cyber Defense Analyst team, providing direction on monitoring priorities, triage, and incident investigations
Act as Incident Response Lead (IRL) during escalations, coordinating containment, remediation, and reporting across NSOC, DCAI engineers, and mission partners
Validate and adjudicate escalated detections from AI-assisted SOC tools, ensuring accuracy, prioritization, and timely response
Mentor and coach analysts in advanced detection, threat hunting, and IR skills; provide regular feedback and performance oversight
Serve as primary liaison between analysts and engineering teams (DCAI, Detection Engineering) to refine AI models, SOAR playbooks, and detection logic
Direct threat hunting operations based on adversary TTPs, threat intelligence, and anomaly detection
Ensure incidents are documented to NSOC standards, with case studies and lessons learned integrated into playbooks
Lead red/blue team exercises and tabletop drills to validate analyst readiness and IR procedures
Provide senior-level reporting and executive briefings on major incidents to NSOC leadership and external stakeholders
Maintain compliance with RMF, CSSP, and NSOC SOPs; validate AI-augmented IR processes meet accreditation requirements

Qualification

Incident Response Lead, Threat Hunting, Cyber Defense, SIEM Proficiency, Advanced Certifications, Malware Analysis, Leadership Skills, Executive Briefing Skills, Communication Skills

Required

Active or eligible SECRET security clearance (must be willing to obtain and maintain)
Bachelor's Degree in Cybersecurity, Computer Science, Information Systems, or related technical discipline; equivalent work experience considered
5+ years of SOC/NSOC or cyber defense experience, with demonstrated IR and threat hunting expertise
DoD 8140 Intermediate compliant (GFACT or CEH or Cloud+ or CySA+ or PenTest+ or SSCP or Security+ or GSEC)
Proven experience leading analyst teams or serving as a shift/incident lead
Strong knowledge of adversary TTPs (MITRE ATT&CK), malware analysis, and advanced detection/response techniques
Proficiency with SIEM, EDR, SOAR, and packet capture/analysis tools (e.g., Wireshark, Zeek)
Strong leadership, communication, and briefing skills for technical and executive audiences

Preferred

Active Top Secret clearance with ability to obtain/maintain TS/SCI
Advanced certifications such as GCIA, GCIH, GDAT, CISSP, or GCTI
Experience in a military cyber defense environment or enterprise-level 24/7 SOC
Prior IR Lead/Tier 3 response experience with major incident coordination responsibilities
Experience working alongside AI/ML-assisted SOC platforms and automation pipelines

Company

SOSi solves the challenges of the modern mission.

Funding

Current Stage
Late Stage

Leadership Team

Jim Edwards
Chief Growth Officer
Company data provided by crunchbase