General Dynamics Information Technology
Tier 2 Cybersecurity Analyst
General Dynamics Information Technology, Bossier City, Louisiana, United States, 71111
We are seeking a Tier 2 Cybersecurity Analyst to join our dynamic Cyber Security Operations Center (CSOC). The ideal candidate will be responsible for advanced threat detection, incident response, and security event analysis across the enterprise environment at the Department of Education. This role serves as the escalation point for Tier 1 analysts and plays a key role in containing threats, improving detection capabilities, and hardening defenses.
You will work closely with other cybersecurity, infrastructure, and threat intelligence teams to investigate complex incidents, refine detection rules, and enhance SOC processes to strengthen the organization's security posture.
Key Responsibilities
Perform in-depth triage and analysis of alerts escalated from Tier 1, including endpoint, network, and cloud events.
Investigate and respond to malware infections, phishing attempts, lateral movement, and data exfiltration indicators.
Conduct root cause analysis and coordinate containment, eradication, and recovery efforts.
Assist in tuning tools within our security stack and playbook automation to reduce false positives and improve efficiency.
Maintain incident response documentation, procedures, and post-incident reports.
Collaborate with Threat Intelligence and Tier 3 teams to refine detection content based on emerging threats.
Assist in vulnerability management and remediation verification.
Provide guidance and mentorship to Tier 1 analysts on investigations and best practices.
Participate in on-call rotation.
Required Qualifications
Education:
Technical Training, Certification(s), or Degree
Experience:
1+ years of experience in a Security Operations Center or incident response role.
Certification:
CompTIA Security+ desired, but other relevant security certifications may be considered in lieu of Security+.
Skills
Strong knowledge of Splunk.
Hands‑on experience with Defender for Endpoint.
Solid understanding of network protocols, system logs, and threat actor TTPs (MITRE ATT&CK framework).
Proficiency in analyzing Windows, Linux, and cloud environments for indicators of compromise.
Strong analytical, documentation, and communication skills.
Preferred Qualifications
Experience with Microsoft Defender XDR, Palo Alto Firewall, and Tenable.
Familiarity with Palo Alto Cortex XSOAR.
Exposure to threat hunting and proactive detection engineering.
Bachelor’s degree in Cybersecurity, Computer Science, or related field (or equivalent work experience) nice to have.
Additional experience in a Security Operations Center or incident response role nice to have.
US Citizenship Required
Location:
Hybrid at GDIT's Integrated Technology Center in Bossier City, LA. Participation in an on‑call rotation will be required.
What We Offer
Competitive salary and performance‑based bonuses.
Comprehensive health, dental, and vision benefits.
Paid time off, holidays, and flexible scheduling.
Opportunities for training, certification reimbursement, and career advancement.
A collaborative environment that values innovation, mentorship, and continuous learning.