Cybersecurity / SOC Analyst

Position Summary

 

We are seeking a highly skilled Cybersecurity/SOC Analyst to support mission-critical cybersecurity operations for an IC customer. This position supports 24x7x365 Computer Network Defense (CND), threat monitoring, incident response, and cyber threat analysis activities within a classified enterprise environment.

 

The ideal candidate will possess experience supporting Security Operations Center (SOC) operations, advanced threat detection, and incident response functions within government or national security environments. Candidates should have a strong understanding of cyber adversary tactics, techniques, and procedures (TTPs), threat actor methodologies, malware analysis, and enterprise security monitoring technologies.

 

This role requires the ability to analyze complex security events, investigate anomalous activity, and coordinate rapid response actions to protect sensitive government systems and networks.

 

Key Responsibilities

 

• Provide continuous 24x7x365 monitoring, analysis, and response support for enterprise cyber defense operations.
• Conduct Computer Network Defense (CND) activities in support of Intelligence Community (IC) mission requirements.
• Monitor, analyze, triage, and respond to security events and cyber threats targeting enterprise infrastructure, networks, and endpoints.
• Perform incident handling, malware analysis, and threat investigations utilizing tools including Splunk Enterprise Security (ES), CrowdStrike Falcon, Tanium, and enterprise eDiscovery platforms.
• Validate security alerts through real-time log analysis and correlation to determine true positive incidents and initiate containment procedures.
• Escalate and document incidents in accordance with established SOC/CDOC operational procedures and federal reporting requirements.
• Analyze NetFlow data, packet captures (PCAP), DNS activity, and network traffic patterns to identify indicators of compromise (IOCs) and malicious behavior.
• Conduct intrusion analysis and support advanced threat detection efforts involving nation-state and advanced persistent threat (APT) actors.
• Track incidents and investigative activities within Security Operations Center workflows and ticket management systems.
• Develop and maintain detailed incident reports, threat summaries, and operational documentation for leadership and cybersecurity stakeholders.
• Collaborate with cyber defense, engineering, and intelligence teams to identify vulnerabilities and improve enterprise security posture.
• Assist with vulnerability assessments, remediation efforts, and implementation of defensive security measures.
• Support continuous monitoring initiatives and evaluate effectiveness of enterprise-wide information security controls.
• Maintain awareness of emerging cyber threats, Intelligence Community security directives, and evolving adversarial TTPs.

Required Qualifications

 

• Active TS/SCI or Q/SCI clearance required.
• Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or related field; equivalent operational experience may be substituted.
• Minimum of 8 years with BS/BA; Minimum of 6 years with MS/MA; Minimum of 3 years with PhD., 12 years with a HS Diploma
• 5+ years of experience supporting Security Operations Center (SOC), Computer Network Defense (CND), or cyber operations environments.
• Hands-on experience with:
• Splunk Enterprise Security (ES)
• CrowdStrike Falcon
• Tanium
• SIEM and log aggregation platforms
• Endpoint Detection and Response (EDR) tools
• Security ticketing and workflow management systems
• Experience performing:
• Incident response
• Threat hunting
• Malware analysis
• Alert triage and escalation
• Log correlation and forensic analysis
• Strong understanding of:
• TCP/IP protocol suite
• DNS
• Routing and switching concepts
• Network security architecture
• Remote access security technologies
• Enterprise security monitoring
• Experience analyzing:
• NetFlow data
• Packet captures (PCAP)
• Security event logs
• Indicators of compromise (IOCs)
• Knowledge of:
• MITRE ATT&CK framework
• Threat actors and adversary campaigns
• Cyber kill chain methodologies
• Intelligence Community cybersecurity operations
• Ability to communicate technical findings clearly through written reports and verbal briefings.

Preferred Qualifications

 

• Prior experience supporting Intelligence Community (IC), Department of Defense (DoD), or other Federal Government cybersecurity programs.
• Familiarity with CDOC/SOC operational environments and federal cybersecurity compliance frameworks.
• Experience with classified network environments and cross-domain security operations.
• Industry certifications such as:
• CompTIA Security+
• CySA+
• CEH
• GCIH
• GCIA
• CISSP
• Knowledge of:
• NIST 800-series publications
• RMF (Risk Management Framework)
• Continuous Diagnostics and Mitigation (CDM)
• Cyber threat intelligence analysis

#cboss

Peraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world’s leading mission capability integrator and transformative enterprise IT provider, we deliver trusted, highly differentiated solutions and technologies to protect our nation and allies. Peraton operates at the critical nexus between traditional and nontraditional threats across all domains: land, sea, space, air, and cyberspace. The company serves as a valued partner to essential government agencies and supports every branch of the U.S. armed forces. Each day, our employees do the can’t be done by solving the most daunting challenges facing our customers. Visit peraton.com to learn how we’re keeping people around the world safe and secure.

$104,000 - $166,000. This represents the typical salary range for this position. Salary is determined by various factors, including but not limited to, the scope and responsibilities of the position, the individual’s experience, education, knowledge, skills, and competencies, as well as geographic location and business and contract considerations. Depending on the position, employees may be eligible for overtime, shift differential, and a discretionary bonus in addition to base pay.

EEO: Equal opportunity employer, including disability and protected veterans, or other characteristics protected by law.