A Washington, D.C.-based services organization is seeking a SOC Analyst for a remote opportunity supporting a 24/7 security operations environment. This role focuses on monitoring, investigating, and responding to threats across hybrid cloud and on-premises systems.

About the Opportunity:
- Shift: Swing and night shift
- Schedule: Sunday through Saturday
- Hours: EST hours
- Setting: Remote

Responsibilities:
- Perform advanced endpoint detection and response analysis, including alert triage, threat detection, and indicator-of-compromise investigation
- Support endpoint platform administration by managing agent health, deployments, integrations, and policy updates
- Conduct digital forensics and incident response activities by acquiring, preserving, and analyzing endpoint artifacts
- Investigate threats across hybrid cloud and on-premises environments, including malware, phishing, lateral movement, privilege misuse, and data exfiltration
- Document findings, escalate incidents according to procedures, collaborate with technical teams, and provide shift handoff briefings

Qualifications:
- 5-7 years of experience in a Security Operations, Incident Response, or related Cybersecurity role
- Degree educated or equivalent, preferably in a computer science-related subject
- One or more of the following certifications: Security+, CySA+, CASP+, GCIH, GCIA, GCFA, GNFA, GDAT, CSA, CEH, SSCP, or CISSP
- Experience with a Case Management system and a Security Information and Event Management platform
- Strong understanding of Windows and Linux operating system internals, log analysis, network protocols, and common attack vectors
- Experience with threat hunting, IOC analysis, and MITRE ATT&CK-based detection
- Experience in digital forensics, malware analysis, or purple team operations
- Experience improving SOC processes, detection logic, architecture, or playbooks
- Must be able to successfully complete a background investigation and drug screen

Desired Skills:
- Experience with cloud security monitoring, including AWS environments
- Familiarity with compliance and audit frameworks such as NIST CSF, 800-53, OMB M-21-31, CIS Benchmarks, and STIGs
- Knowledge of vulnerability scanning and exposure analysis tools
- Experience collaborating with cyber threat intelligence or red teams
- Familiarity with SOAR platforms and scripting languages such as PowerShell, Python, or Bash
- Ability to communicate findings clearly to technical and non-technical audiences