Tech Stack

Description

You will perform continuous monitoring and security incident triage through SIEM events, network traffic data, and endpoint logs. Your role involves identifying and collecting relevant data for security investigations, documenting and tracking incidents to resolution, and escalating advanced cases to Tier 2. This position helps strengthen national security by protecting federal government systems from cyber threats.

Requirements

• 2+ years of experience monitoring and responding to intrusion attempts in a SOC or similar environment
• Hands-on experience triaging security alerts, events, logs, and artifacts using SIEM tools
• Familiarity with common threat vectors, attack methodologies, and basic incident handling processes
• Must hold an Active Secret clearance
• Must be a US Citizen Only (No Dual Citizenship, No Green Card Holder)

Responsibilities

• Perform continuous monitoring and security incident triage through the review of SIEM events, network traffic data collection, and endpoint activity logs
• Identify and collect relevant data associated with initial security investigation findings
• Document and track investigations to resolution while creating detailed security alert notifications for customers
• Escalate investigations requiring advanced analysis of security incidents to Tier 2 or incident responders