Remote Jobs

SOC Analyst IV

4 days ago

Pay$120000.00 - $140000.00 / year
LocationVirginia
Employment typeFull-Time
  • Job Description

      Req#: 5001211271206
      Everforth ECS is seeking a SOC Analyst IV who lives in close proximity to the National Capital Region (NCR) to join a premier, enterprise-scale cybersecurity program supporting a major federal civilian agency.

      Please Note: This position is contingent upon contract award.

      Salary Range: $120,000 - $140,000

      This flagship initiative unifies 24x7x365 Security Operations (SOC), proactive threat hunting, and advanced Security Engineering and Architecture into a cohesive defensive mission. As a senior technical contributor on this program, you will drive the protection of highly sensitive, national-level financial, and personally identifiable information (PII). You will be at the forefront of modernizing the agency's cyber posture, implementing advanced automation, and ensuring continuous operational resilience across a massive, highly complex federal IT enterprise.

      As a SOC Analyst IV, you will operate at the Tier III level, serving as one of the most technically advanced analysts on the team and a cornerstone of the SOC's detection, triage, and response capability. Working alongside the SOC Manager, threat hunting teams, and security engineers, you will lead the most complex investigations, mentor junior analysts, and contribute directly to the continuous improvement of the SOC's playbooks, detection logic, and operational procedures. When the most sophisticated threats emerge, you will be the analyst the team turns to for deep technical expertise, sound judgment, and decisive action.

      Position Responsibilities:
      • Provide Tier III support for SIEM alert triage, forensic analysis, and escalation, handling the most complex and high-priority security events within the SOC environment.
      • Maintain situational awareness across all SOC tools and telemetry sources, ensuring continuous visibility into the agency's security posture.
      • Lead shift handovers with clear, thorough documentation, ensuring seamless operational continuity across all SOC shifts.
      • Contribute to the development, review, and ongoing improvement of standard operating procedures (SOPs) and incident response playbooks to ensure they remain current, accurate, and operationally effective.
      • Support Red Team and Purple Team exercises to validate detection coverage, improve response procedures, and identify gaps in the SOC's defensive capabilities.
      • Apply the MITRE ATT&CK framework to map adversary tactics, techniques, and procedures (TTPs) during investigations, turning fragmented alerts into clear and actionable threat narratives.
      • Conduct in-depth forensic analysis of endpoint, network, and cloud telemetry to support incident investigations and root cause analysis activities.
      • Support and contribute to the four phases of the NIST SP 800-61 incident response lifecycle, Preparation, Detection and Analysis, Containment/Eradication/Recovery, and Post-Incident Activity, ensuring thorough documentation and stakeholder communication at each stage.
      • Mentor and provide technical guidance to Tier I and Tier II SOC analysts, supporting their professional development and improving overall team capability.
      • Collaborate with threat hunting, CTI, and security engineering teams to operationalize new detection logic and ensure the SOC benefits from the latest intelligence.
      • Produce high-quality incident reports, shift logs, and technical documentation for both technical teams and senior government officials.

      Contribute to detection engineering and automation initiatives to reduce manual workload and improve analyst efficiency across the SOC.

      • U.S. Citizenship required.
      • 6+ years of SOC experience, with demonstrated expertise in Tier III incident response, forensic analysis, and SIEM operations.
      • Remote but within close proximity to the NCR.
      • Active Public Trust 6c clearance, or the ability to obtain and maintain one.
      • At least one of the following certifications: GCIA, CEH, or CompTIA Security+.
      • Hands-on experience with SIEM platforms and endpoint telemetry analysis in a federal or enterprise environment.
      • Strong experience with operating systems, networking fundamentals, and AWS native security capabilities.
      • Deep understanding of the NIST SP 800-61 incident response framework and its practical application within a tiered SOC environment.
      • Demonstrated ability to apply the MITRE ATT&CK framework to real-world incident investigations and detection improvement activities.
      • Experience contributing to or developing incident response playbooks, SOPs, and lessons-learned documentation.
      • Proven ability to lead shift handovers and maintain clear, accurate operational documentation in a 24x7x365 environment.
      • Strong written and verbal communication skills, with the ability to translate complex technical findings into actionable language for both technical and executive audiences.
  • About the company

      The best remote jobs for you

Notice

Talentify is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or protected veteran status.

Talentify provides reasonable accommodations to qualified applicants with disabilities, including disabled veterans. Request assistance at accessibility@talentify.io or 407-000-0000.

Federal law requires every new hire to complete Form I-9 and present proof of identity and U.S. work eligibility.

An Automated Employment Decision Tool (AEDT) will score your job-related skills and responses. Bias-audit & data-use details: www.talentify.io/bias-audit-report. NYC applicants may request an alternative process or accommodation at aedt@talentify.io or 407-000-0000.