
Senior Security Operations Analyst (SOC/Incident Response) - Onsite in Washington, DC
Booker DiMaio, LLC, Washington, District of Columbia, United States
This job is onsite in Washington, DC (20024). Selected candidate must be able to get a Public Trust clearance.
We are seeking a Senior Security Operations Analyst to support cybersecurity operations within a federal environment in Washington, DC. This role is focused on continuous monitoring, alert triage, log analysis, and incident response execution to protect mission‑critical systems. The position operates within a structured Security Operations Center (SOC) environment and requires strong hands‑on analytical and incident response experience.
The ideal candidate will have experience performing security monitoring, investigating alerts, and executing incident response procedures in a SIEM‑driven environment, along with familiarity supporting federal cybersecurity operations.
Key Responsibilities
Perform continuous monitoring of security events, alerts, and system activity across enterprise environments
Analyze and triage alerts from SIEM and security monitoring tools to determine severity, scope, and impact
Conduct detailed log analysis across network, endpoint, identity, and cloud environments to identify indicators of compromise
Execute incident response procedures including containment, eradication, recovery, documentation, and escalation
Maintain awareness of threats, vulnerabilities, and attack patterns impacting enterprise systems
Document and track security incidents in accordance with established procedures and federal reporting requirements
Support refinement of detection rules, alert logic, and SIEM use cases to improve detection and response accuracy
Collaborate with cybersecurity engineers and leadership to strengthen defensive capabilities
Produce incident reports, security summaries, and operational documentation for leadership and compliance needs
Participate in shift‑based SOC operations as required to support continuous monitoring coverage
Required Qualifications
Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or related field preferred; equivalent experience accepted
6+ years of experience in Security Operations, SOC analysis, or Incident Response
Government experience required
Active or previously held Public Trust clearance; U.S. Citizenship required
CompTIA Security+ certification required
CompTIA CySA+ certification required
Hands‑on experience with:
SIEM platforms and alerting systems
Log analysis across network, endpoint, identity, and cloud environments
Threat detection and security monitoring tools
Demonstrated experience with:
Daily security monitoring and alert triage
Incident response execution in structured SOC environments
Security operations support in enterprise environments
Strong understanding of cybersecurity principles, threat vectors, and attacker methodologies
Ability to analyze complex datasets and respond to security incidents under pressure
Strong communication and documentation skills
Desired Qualifications
Experience supporting federal cybersecurity compliance frameworks such as NIST and FISMA
Familiarity with SOC ticketing systems and workflow tools
Exposure to cloud security monitoring (Microsoft Azure or AWS environments)
Experience working in 24/7 Security Operations Center environments
Experience supporting detection engineering or SIEM rule tuning activities