Allstate

Level 2 Incident Response Analyst

full-time

Location Type: Remote

Location: California, United States

Salary

💰 $100,000 - $160,000 per year

About the role

  • Conduct daily case reviews and escalate incidents lacking timely or adequate response.
  • Prioritize, monitor, & escalate security events based on severity and criticality.
  • Triage alerts and generate cases for valid, actionable threats.
  • Maintain detailed case notes and escalate unresolved or high-risk incidents.
  • Follow detailed operational process and procedures to appropriately analyze, escalate, and assist in remediation of critical information security incidents.
  • Document all incidents, investigative actions, and outcomes thoroughly.
  • Develop and refine standard operating procedures and workflows based on alert reviews and team feedback.
  • Coordinate required actions and communications as directed by incident response plans and leadership.
  • Work closely with GSFC teams to enrich incident data and support comprehensive analysis.
  • Communicate effectively with stakeholders and employees regarding case status and findings.
  • Stay informed on emerging cybersecurity threats, trends, and technologies.

Requirements

  • 4+ years of hands-on experience in a SOC environment with depth in incident triage/response.
  • Demonstrated ability in analyzing, triaging, & remediating complex security incidents.
  • Solid knowledge & hands-on experience in log analysis, network traffic analysis, malware investigation, & digital forensics.
  • Background with SIEM platforms (e.g., Splunk, Sentinel, Elastic, Chronicle) for threat detection and analysis.
  • Good knowledge of EDR/XDR platforms (e.g., CrowdStrike, SentinelOne, Microsoft Defender for Endpoint).
  • Relevant certifications preferred: CompTIA CySA+, GIAC Certified Incident Handler (GCIH), GIAC Certified Intrusion Analyst (GCIA), Certified Information Systems Security Professional (CISSP).

Benefits

  • Health insurance
  • Retirement plans
  • Paid time off
  • Flexible work arrangements
  • Professional development opportunities

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

  • incident triage
  • incident response
  • log analysis
  • network traffic analysis
  • malware investigation
  • digital forensics
  • threat detection
  • threat analysis
  • remediation of security incidents
  • standard operating procedures

Soft Skills

  • communication
  • prioritization
  • monitoring
  • escalation
  • team collaboration
  • stakeholder engagement
  • analytical thinking
  • attention to detail
  • problem-solving
  • adaptability

Certifications

  • CompTIA CySA+
  • GIAC Certified Incident Handler (GCIH)
  • GIAC Certified Intrusion Analyst (GCIA)
  • Certified Information Systems Security Professional (CISSP)