General Dynamics Information Technology

Senior SOC Analyst

full-time

Location: Virginia, United States

Salary

$83,725 - $113,275 per year

Job Level

Senior

Tech Stack

Cloud, Cyber Security, ServiceNow, Splunk

About the role

  • Review cyber intelligence and identify how current threats affect US BICES networks
  • Perform cyber detection and incident response activities for a large program
  • Coordinate with government program staff, USAF, and other government agencies to assist in creation, dissemination, direction, and auditing of program policy, standards, and operating procedures
  • Review cyber events and document cybersecurity incidents utilizing ServiceNow
  • Produce after action reports following closure of cybersecurity incidents
  • Monitor, analyze, and respond to cybersecurity events using Splunk, IDS/IPS, ACAS, ESS (HBSS), and Firepower
  • Work with vendors to ensure DCO tool suites detect and capture required cyber incidents, including latest threats and zero-days
  • Review intelligence reports and provide daily cyber assessments on impact to US BICES networks
  • Recognize and codify attacker tools, tactics, and procedures (TTPs) into indicators of compromise (IOCs)
  • Utilize network and endpoint defensive tools to identify and analyze potential breaches or threat activity
  • Research and develop methods of tracking and detecting malicious activity within a network
  • Be available for after-hours support as part of a 24/7 operation
  • Participate in daily use of threat intelligence, analysis of anomalous log data, and brainstorming sessions to detect and eradicate threat actors
  • Perform malware analysis and triage, extracting relevant host and network-based indicators from samples
  • Create, modify, and tune IDS/IPS signatures (Snort rules)
  • Create, modify, and tune Splunk dashboards, reports, and alerts related to real-time detection and incident response
  • Report to senior GDIT and government personnel on overall program security posture
  • Communicate tactical and strategic threat information to Government leadership, Cybersecurity Operations Team, and Assessment & Authorization Team
  • Coordinate with USAF, DISA, and other organizations in support of audits and inspections and provide necessary documentation for Blue Team, Red Team, CPT, BGX Cert, SAVs, CVAs, ST&Es, and CCRI
  • Communicate alerts to agencies regarding intrusions and compromises and assist with implementation of countermeasures or mitigating controls
  • Ensure integrity and protection of networks, systems, and applications via monitoring of vulnerability scanning devices
  • Manage the Data Spill Process and coordinate cleanup and mitigation with external agencies
  • Provide guidance and work leadership to less experienced technical staff and participate in special projects as required

Requirements

  • 5+ years of related experience
  • Skills: Cybersecurity, Cyber Threat Intelligence, Incident Response
  • Certifications: None (additional specific certifications may be required depending on assignment)
  • US Citizenship Required
  • Must be able to obtain and maintain a SECRET clearance
  • BA/BS degree – may substitute additional years of experience
  • Comprehensive knowledge of data security administration principles, methods, and techniques
  • Must meet the DoD 8140.03 requirement for an intermediate-level work role as a Cyber Defense Incident Responder
  • Familiarity with System & Network concepts, user authentication, and use of Cyber Stacks
  • Understanding of DHS/DoD policies and procedures, including NIST 800-53 and CJCSM 6510.01B
  • Experience with Splunk, IDS/IPS, ACAS, ESS (HBSS), and Firepower
  • Preferred: Security Operations Center (SOC) experience; ESS (HBSS) proficiency; ACAS proficiency; Cisco firewall data interpretation; Splunk and syslog data normalization
  • Ability to work and set priorities on multiple projects/tasks in a dynamic, fast-paced team environment
  • Must be available for after-hours support when required
  • Travel: Less than 10%
  • Work authorization: US Citizenship