
KeenLogic · 2 days ago

Senior SOC Analyst

KeenLogic is seeking to hire a Senior SOC Analyst & Incident Responder to join our team at the Drug Enforcement Administration. The Senior SOC Analyst is a key member of the Security Operations Center, responsible for conducting advanced investigations, incident response, and proactive threat hunting.

Information Technology
No H1B · Security Clearance Required · U.S. Citizen Only

Responsibilities

Lead advanced incident detection, investigation, and analysis efforts
Correlate SIEM, EDR, IDS/IPS, and firewall data to identify and analyze potential incidents
Perform deep-dive investigations to determine root cause, scope, and impact of incidents
Apply MITRE ATT&CK and other frameworks for adversary TTP identification
Conduct kill-chain and supply chain analysis to understand and counter threats
Coordinate and direct complex incident response activities
Guide preparation, identification, containment, eradication, and recovery actions in collaboration with SOC, forensics, and engineering teams
Serve as the primary escalation point for high-impact or advanced incidents
Ensure incident handling aligns with established guidelines, response plans, and playbooks
Conduct proactive threat hunting to identify emerging risks
Analyze telemetry, logs, and behavioral patterns for indicators of compromise or attack
Hunt for advanced persistent threats and undiscovered vulnerabilities
Use advanced queries in SOC cybersecurity tools to detect anomalous or suspicious activity
Work with forensic teams to ensure proper forensic collection, preservation, and analysis of digital evidence
Coordinate with forensics teams to ensure chain-of-custody and evidence integrity
Extract and analyze relevant artifacts to support investigations and post-incident reviews
Document and communicate forensic findings to stakeholders
Develop and enhance SOC processes, playbooks, and detection capabilities
Refine detection rules, alert thresholds, and automation workflows in SIEM/SOAR platforms and other cybersecurity tools
Create SOPs, knowledge base articles, and training materials for SOC staff
Recommend and guide implementation of new detection and analysis tools
Perform threat intelligence collection, analysis, and dissemination
Gather threat data from internal, classified, and open-source intelligence feeds
Analyze and contextualize intelligence to produce actionable recommendations
Share relevant threat information with SOC, leadership, and partner teams
Mentor and train SOC analysts to improve investigative capabilities and analytical thought process
Provide real-time guidance during active incidents
Conduct regular training sessions, tabletop exercises, and red/blue team drills
Validate analyst findings and provide feedback designed to provoke thought and improve accuracy and investigative thoroughness
Collaborate with stakeholders to strengthen overall cybersecurity posture
Work with engineering, IT, and cloud teams to address identified vulnerabilities
Participate in tool evaluations, recommending solutions that enhance SOC capabilities and identify capability overlap
Support internal coordination with DEA sections, divisions, and external entities
Maintain documentation and reporting for SOC operations
Record investigative steps, evidence, and incident timelines in case management systems
Generate incident reports, trend analyses, and post-mortem summaries
Provide executive-level briefings on security events and SOC performance

Qualification

Incident Response · Cybersecurity · Computer Forensics · Threat Hunting · SIEM · MITRE ATT&CK · Vulnerability Assessment · Threat Intelligence · CISSP · Mentoring · Collaboration · Documentation

Required

Active Secret or Top Secret clearance
Master's degree and 8 years or Bachelor's degree and 11 years
Documented work experience performing any combination of Information System Security, Security Assessment & Authorization, Cybersecurity, Computer Forensics, or Insider Threat
One of the following required: CBROPS, CFR, CompTIA: CySA+, Security + CE, CASP+CE, FITSP-O, SANS: GCFA, GCIA, GDSA, GICSP, CCNA-Security, CCNP Security, CISSP (or associate), CCSP, CISA, SSCP, CND

Benefits

Health/dental/vision
PTO
401k
Life Insurance

Company

KeenLogic

KeenLogic is a transformative and world-class IT Services company based in Maryland.

Funding

Current Stage
Growth Stage

Leadership Team

Matthew Totsch
CEO and Founder
J.G. Meyer
President & Chief Operating Officer
Company data provided by crunchbase