Senior SOC Analyst

Nightwing provides technically advanced full-spectrum cyber, data operations, systems integration and intelligence mission support services to meet our customers’ most demanding challenges. Our capabilities include cyber space operations, cyber defense and resiliency, vulnerability research, ubiquitous technical surveillance, data intelligence, lifecycle mission enablement, and software modernization. Nightwing brings disruptive technologies, agility, and competitive offerings to customers in the intelligence community, defense, civil, and commercial markets.

Position Overview

The Senior SOC Analyst is responsible for advanced threat detection, incident response, and security monitoring within the Security Operations Center. This role involves investigating complex security incidents, mentoring junior analysts, and continuously improving security operations processes.

Key Responsibilities

Security Monitoring & Analysis

• Monitor security alerts and events from SIEM, IDS/IPS, EDR, and other security tools
• Perform advanced threat hunting and proactive security investigations
• Analyze complex security incidents and determine scope, impact, and root cause
• Correlate data from multiple sources to identify sophisticated attack patterns
• Conduct malware analysis and reverse engineering when necessary
  
  

Incident Response

• Lead incident response efforts for high-severity security events
• Contain, eradicate, and recover from security incidents
• Document incidents thoroughly and create detailed reports
• Perform post-incident reviews and develop lessons learned
• Coordinate with IT teams and stakeholders during incident response
  
  

Threat Intelligence & Detection Engineering

• Research emerging threats, vulnerabilities, and attack techniques
• Develop and tune detection rules and use cases
• Reduce false positives and improve alert quality
• Create and maintain playbooks and standard operating procedures
• Contribute to threat intelligence sharing and analysis
  
  

Leadership & Mentoring

• Mentor and train junior and mid-level SOC analysts
• Provide guidance on complex investigations and escalations
• Participate in on-call rotation if needed for surge support or incident investigation
• Contribute to SOC process improvements and automation initiatives
  
  

Reporting & Communication

• Prepare detailed technical reports and executive summaries
• Present findings to management and technical teams
• Maintain accurate documentation of procedures and investigations
• Communicate effectively with stakeholders across the organization
  
  

Experience

Required Qualifications

• 5 years of experience in cybersecurity or SOC environment
• 3 years of hands-on experience with SIEM platforms, Microsoft Sentinel required
• Proven experience in incident response and threat hunting
• Experience with endpoint detection and response (EDR) tools
  
  

Technical Skills

• Deep understanding of network protocols, architecture, and security
• Proficiency in log analysis and security event correlation
• Knowledge of malware analysis techniques and tools
• Familiarity with threat frameworks (MITRE ATT&CK, Cyber Kill Chain)
• Strong understanding of Windows, Linux, and cloud environments
• Experience with scripting languages (Python, PowerShell, Bash)
• Knowledge of forensic tools and methodologies
  
  

Certifications (Preferred)

• GIAC Security Essentials (GSEC)
• GIAC Certified Incident Handler (GCIH)
• Certified Information Systems Security Professional (CISSP)
• GIAC Cyber Threat Intelligence (GCTI)
• Certified Ethical Hacker (CEH)
• Or equivalent industry certifications
  
  

Preferred Qualifications

• Experience with cloud security (AWS, Azure, GCP)
• Knowledge of SOAR platforms and security automation
• Threat intelligence platform experience
  
  

Key Competencies

• Strong analytical and problem-solving abilities
• Excellent written and verbal communication skills
• Ability to work under pressure during security incidents
• Self-motivated with strong attention to detail
• Team player with collaborative mindset
• Continuous learning attitude toward evolving threats
  
  

Work Environment

• On-call may be required for surge support or active incidents.
• Training period requires onsite in office 5 days a week. Hybrid option will be available after training period.
• Fast-paced, high-pressure environment during incidents
  
  

At Nightwing, we value collaboration and teamwork. You’ll have the opportunity to work alongside talented individuals who are passionate about what they do. Together, we’ll leverage our collective expertise to drive innovation, solve complex problems, and deliver exceptional results for our clients.

Thank you for considering joining us as we embark on this new journey and shape the future of cybersecurity and intelligence together as part of the Nightwing team.

Nightwing is An Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status, age or any other federally protected class.