Senior SOC Analyst

Role Summary

The Senior SOC Analyst will provide advanced technical expertise in Incident Response (IR), Network Defense, and SIEM content development in support of the US Mint. This role requires deep knowledge of cyber threats, including TTPs, threat actors, campaigns, and observables, along with hands-on experience in SOC operations, threat detection, and security monitoring. The position is primarily hybrid in Washington, DC, with potential for remote work upon approval.

Key Responsibilities

• Perform advanced incident response, investigation, and mitigation activities.
• Monitor, analyze, and respond to security events using SIEM and endpoint detection tools.
• Develop and maintain SIEM content including rules, filters, signatures, and scripts.
• Conduct network and host-based security monitoring and anomaly detection.
• Analyze cyber threats including TTPs, threat actors, campaigns, and observables.
• Perform forensic investigations, including insider threat analysis.
• Utilize packet capture (PCAP) and NetFlow data for network analysis.
• Conduct static and dynamic malware analysis, including reverse engineering.
• Extract, manage, and analyze large datasets for threat detection and reporting.
• Document findings and produce detailed technical reports.
• Escalate and manage security incidents appropriately to maintain system integrity.
• Provide training and mentorship to SOC team members.
• Support cyber defense operations including threat containment and remediation.

Required Technical Skills

• Incident Response (IR) and Network Defense
• SIEM platforms (specifically Splunk) and log management
• SPL (Search Processing Language)
• Host-based and network-based security monitoring tools
• Intrusion Detection Systems (IDS) and intrusion analysis
• Endpoint threat detection tools
• Packet capture tools and PCAP/NetFlow analysis
• Malware analysis (static and dynamic) and reverse engineering
• Scripting and programming (BASH, PowerShell, Python)
• Familiarity with .NET framework
• Data analysis and handling large datasets
• Security operations ticketing systems

Preferred / Nice-to-Have Skills

• Experience mentoring or leading technical teams
• Cyber Hunt operations experience
• Advanced troubleshooting skills
• Metadata extraction and analysis
• Malware Analysis / Reverse Engineering (MA/RE)

Qualifications & Experience

• U.S. Citizenship required
• Ability to obtain a Public Trust clearance
• Minimum 7 years of experience in:
• Incident response
• Insider threat investigations
• Digital forensics
• Cyber threats and information security
• Minimum 5 years of hands-on SOC experience within the last 2 years, including:
• Security monitoring (host and network-based)
• SIEM operations
• Threat detection and analysis
• Required certifications:
• One or more: GCIA, GCIH, GCFA, GCED, or IAT Level III (CASP CE, CCNP Security, CISA, CCSP)
• Active CISSP or ability to obtain within 6 months of hire
• Demonstrated expertise in Advanced Persistent Threats (APT) or emerging threats
• Strong written communication and technical documentation skills
• Experience delivering training to cybersecurity personnel
• BS or MS degree preferred

Work Location

• Washington, DC (Hybrid: 1 day onsite per week)
• Potential for fully remote work pending customer approval