CBO - Tier 2 SOC Analyst
cFocus Software seeks a Tier 2 SOC Analyst to join our program supporting the Congressional Budget Office (CBO). This position is remote. This position requires a Public Trust clearance.
Qualifications:
- Active Public Trust clearance
- B.S. Computer Science, Information Technology, or a related field
- 2+ years of SOC Analyst experience
- Strong knowledge of cybersecurity operations and incident response processes
- Experience with SIEM platforms, preferably Microsoft Sentinel
- Understanding of MITRE ATT&CK framework and threat actor tactics
- Experience analyzing logs from endpoints, networks, cloud, and identity systems
- Familiarity with Microsoft Defender tools (Endpoint, Identity) and cloud platforms (AWS)
- Experience with digital forensics and malware analysis
- Familiarity with SOAR tools and automation workflows
- Experience supporting federal or regulated environments (NIST, CUI, etc.)
- Ability to perform threat hunting and advanced correlation analysis
- Preferred certifications include but are not limited to:
- GCIA, GCIH, CISSP, CEH, or equivalent cybersecurity certifications
- reputed company Sentinel or reputed company reputed company platform certifications
- Relevant cloud reputed company certifications (e.g., AWS reputed company)
- Privacy certifications (e.g., CIPP/US, CIPM) where applicable
- Perform advanced analysis and investigation of escalated security alerts and incidents
- Conduct root cause analysis (RCA) and determine scope and impact of incidents
- Support incident response activities including containment, eradication, and recovery
- Perform threat hunting across identity, endpoint, network, cloud, and application logs
- Correlate events across multiple data sources using SIEM (Microsoft Sentinel)
- Develop and tune detection rules, analytics, and use cases
- Maintain and improve SOC playbooks and incident response procedures
- Provide detailed documentation of investigations, findings, and remediation actions
- Support reporting requirements including contributions to monthly and quarterly reports
- Collaborate with Tier I and Tier III analysts, engineers, and stakeholders