Senior SOC Analyst

Job Description

Job Description

Senior SOC Analyst and Incident Responder

KeenLogic is seeking to hire a Senior SOC Analyst & Incident Responder to join our team at the Drug Enforcement Administration. All the duties listed support one or more of the following cybersecurity- related functions; information security, SPAA, incident response, cyber security, insider threat, computer forensics, vulnerability assessment and management, network data capture, intrusion detection, log management, auditing, security incident and event management (SIEM), and penetration testing.

This is a full-time position offering Fortune 500-level health / dental / vision, PTO, 401k, and Life Insurance. This onsite role, with a daily schedule from 7 AM to 3 PM, based in Merrifield, VA .

Position Summary

The Senior SOC Analyst is a key member of the 24 / 7 / 365 Security Operations Center, which serves as the escalation point for advanced investigations, incident response, and proactive threat hunting. This role conducts higher-level analysis than other analysts on the team. A senior SOC analyst performs deep forensic investigations, correlates multi-source threat intelligence information, and guides containment and remediation strategies. The Senior SOC Analyst identifies and mitigates advanced threats across enterprise IT endpoints, cloud environments, and OT systems. They leverage frameworks like the MITRE ATT&CK framework and others to detect, disrupt, and prevent malicious activity from occurring in the enterprise environment.

They work closely with the SOC manager and leads. They mentor junior staff, assist to refine SOC processes, and ensures the organization maintains a strong cybersecurity posture. They collaborate with engineers, threat intelligence and forensics teams to enhance detection capabilities, improve incident response readiness, and deliver actionable security insights to leadership. Required Qualifications

• Active Secret or Top Secret clearance
• Master’s degree and 8 years or Bachelor's degree and 11 years

Documented work experience performing any combination of Information System Security, Security Assessment & Authorization, Cybersecurity, Computer Forensics, or Insider Threat

CBROPS

Duties and Responsibilities

Correlate SIEM, EDR, IDS / IPS, and firewall data to identify and analyze potential incidents.

Perform deep-dive investigations to determine root cause, scope, and impact of incidents.

Guide preparation, identification, containment, eradication, and recovery actions in collaboration with SOC, forensics, and engineering teams.

Analyze telemetry, logs, and behavioral patterns for indicators of compromise or attack.

Coordinate with forensics teams to ensure chain-of-custody and evidence integrity.

Refine detection rules, alert thresholds, and automation workflows in SIEM / SOAR platforms and other cybersecurity tools.

Gather threat data from internal, classified, and open-source intelligence feeds.

Provide real-time guidance during active incidents.

Work with engineering, IT, and cloud teams to address identified vulnerabilities.

Record investigative steps, evidence, and incident timelines in case management systems.

Powered by JazzHR

ODdWLDG3oO