SOC Analyst IV

Posted Yesterday
Be an Early Applicant
Homeland, VA, USA
In-Office
120K-140K Annually
Senior level
Artificial Intelligence • Cloud • Information Technology • Security • Software
The Role
Lead Tier III SOC investigations, perform forensic analysis across endpoint, network, and cloud telemetry, improve detection/playbooks, mentor junior analysts, support Red/Purple team exercises, apply MITRE ATT&CK and NIST SP 800-61, and produce incident reports and operational documentation for a 24x7x365 federal SOC.
Summary Generated by Built In
Job Summary & Responsibilities

Everforth ECS is seeking a SOC Analyst IV who lives in close proximity to the National Capital Region (NCR) to join a premier, enterprise-scale cybersecurity program supporting a major federal civilian agency.

 

Please Note: This position is contingent upon contract award.

 

Salary Range: $120,000 - $140,000

 

This flagship initiative unifies 24x7x365 Security Operations (SOC), proactive threat hunting, and advanced Security Engineering and Architecture into a cohesive defensive mission. As a senior technical contributor on this program, you will drive the protection of highly sensitive, national-level financial, and personally identifiable information (PII). You will be at the forefront of modernizing the agency's cyber posture, implementing advanced automation, and ensuring continuous operational resilience across a massive, highly complex federal IT enterprise.

 

As a SOC Analyst IV, you will operate at the Tier III level, serving as one of the most technically advanced analysts on the team and a cornerstone of the SOC's detection, triage, and response capability. Working alongside the SOC Manager, threat hunting teams, and security engineers, you will lead the most complex investigations, mentor junior analysts, and contribute directly to the continuous improvement of the SOC's playbooks, detection logic, and operational procedures. When the most sophisticated threats emerge, you will be the analyst the team turns to for deep technical expertise, sound judgment, and decisive action.

 

Position Responsibilities:

  • Provide Tier III support for SIEM alert triage, forensic analysis, and escalation, handling the most complex and high-priority security events within the SOC environment.
  • Maintain situational awareness across all SOC tools and telemetry sources, ensuring continuous visibility into the agency's security posture.
  • Lead shift handovers with clear, thorough documentation, ensuring seamless operational continuity across all SOC shifts.
  • Contribute to the development, review, and ongoing improvement of standard operating procedures (SOPs) and incident response playbooks to ensure they remain current, accurate, and operationally effective.
  • Support Red Team and Purple Team exercises to validate detection coverage, improve response procedures, and identify gaps in the SOC's defensive capabilities.
  • Apply the MITRE ATT&CK framework to map adversary tactics, techniques, and procedures (TTPs) during investigations, turning fragmented alerts into clear and actionable threat narratives.
  • Conduct in-depth forensic analysis of endpoint, network, and cloud telemetry to support incident investigations and root cause analysis activities.
  • Support and contribute to the four phases of the NIST SP 800-61 incident response lifecycle, Preparation, Detection and Analysis, Containment/Eradication/Recovery, and Post-Incident Activity, ensuring thorough documentation and stakeholder communication at each stage.
  • Mentor and provide technical guidance to Tier I and Tier II SOC analysts, supporting their professional development and improving overall team capability.
  • Collaborate with threat hunting, CTI, and security engineering teams to operationalize new detection logic and ensure the SOC benefits from the latest intelligence.
  • Produce high-quality incident reports, shift logs, and technical documentation for both technical teams and senior government officials.

Contribute to detection engineering and automation initiatives to reduce manual workload and improve analyst efficiency across the SOC.

Preferred Qualifications
  • U.S. Citizenship required.
  • 6+ years of SOC experience, with demonstrated expertise in Tier III incident response, forensic analysis, and SIEM operations.
  • Remote but within close proximity to the NCR.
  • Active Public Trust 6c clearance, or the ability to obtain and maintain one.
  • At least one of the following certifications: GCIA, CEH, or CompTIA Security+.
  • Hands-on experience with SIEM platforms and endpoint telemetry analysis in a federal or enterprise environment.
  • Strong experience with operating systems, networking fundamentals, and AWS native security capabilities.
  • Deep understanding of the NIST SP 800-61 incident response framework and its practical application within a tiered SOC environment.
  • Demonstrated ability to apply the MITRE ATT&CK framework to real-world incident investigations and detection improvement activities.
  • Experience contributing to or developing incident response playbooks, SOPs, and lessons-learned documentation.
  • Proven ability to lead shift handovers and maintain clear, accurate operational documentation in a 24x7x365 environment.
  • Strong written and verbal communication skills, with the ability to translate complex technical findings into actionable language for both technical and executive audiences.

Skills Required

  • U.S. Citizenship
  • 6+ years of SOC experience with Tier III incident response, forensic analysis, and SIEM operations
  • Reside within close proximity to the National Capital Region (NCR)
  • Active Public Trust (6c) clearance or ability to obtain and maintain one
  • Hands-on experience with SIEM platforms and endpoint telemetry analysis in federal or enterprise environments
  • Strong experience with operating systems and networking fundamentals
  • Experience with AWS native security capabilities
  • Deep understanding and practical application of NIST SP 800-61 incident response framework
  • Ability to apply the MITRE ATT&CK framework to investigations and detection engineering
  • Experience contributing to or developing incident response playbooks, SOPs, and lessons-learned documentation
  • Proven ability to lead shift handovers and maintain clear operational documentation in a 24x7x365 environment
  • Strong written and verbal communication skills for technical and executive audiences
  • At least one certification: GCIA, CEH, or CompTIA Security+

ECS Compensation & Benefits Highlights

The following summarizes recurring compensation and benefits themes identified from responses generated by popular LLMs to common candidate questions about ECS and has not been reviewed or approved by ECS.

  • Healthcare Strength ECS advertises multiple national-network medical plan options with HSA eligibility alongside dental and vision coverage. Coverage generally begins quickly and is paired with company-paid short- and long-term disability, adding stability to the health package.
  • Retirement Support A 401(k) with Safe Harbor and immediate vesting on employer contributions is emphasized, with an employer match available. Access to an employee stock purchase plan via the parent company provides an additional savings avenue.
  • Parental & Family Support Paid parental leave up to 30 days, adoption assistance, and other family-oriented leaves are highlighted. Feedback suggests these offerings add meaningful value beyond base pay for many roles.

ECS Insights

Am I A Good Fit?
beta
Get Personalized Job Insights.
Our AI-powered fit analysis compares your resume with a job listing so you know if your skills & experience align.

The Company
HQ: Elkhorn, NE
2,129 Employees
Year Founded: 1993

What We Do

ECS, a segment of ASGN (NYSE: ASGN), delivers advanced solutions and services in cloud, cybersecurity, artificial intelligence (AI), machine learning (ML), application and IT modernization, and science and engineering. The company solves critical, complex challenges for customers across the U.S. public sector, defense, intelligence and commercial industries. ECS maintains partnerships with leading cloud, cybersecurity, and AI/ML providers and holds specialized certifications in their technologies. Headquartered in Fairfax, Virginia, ECS has more than 3,400 employees throughout the U.S. and has been recognized as a Top Workplace by The Washington Post for the last five years.

Similar Jobs

Cox Enterprises Logo Cox Enterprises

Head of Alliances and Partnerships (RapidScale)

Artificial Intelligence • Automotive • Greentech • Information Technology • Machine Learning • Software • Cybersecurity
Hybrid
Fairfax, VA, USA
50000 Employees
180K-299K Annually

Cox Enterprises Logo Cox Enterprises

Head of Alliances and Partnerships (RapidScale)

Artificial Intelligence • Automotive • Greentech • Information Technology • Machine Learning • Software • Cybersecurity
Hybrid
Fredericksburg, VA, USA
50000 Employees
180K-299K Annually

Cox Enterprises Logo Cox Enterprises

Head of Alliances and Partnerships (RapidScale)

Artificial Intelligence • Automotive • Greentech • Information Technology • Machine Learning • Software • Cybersecurity
Hybrid
Harrisonburg, VA, USA
50000 Employees
180K-299K Annually

Cox Enterprises Logo Cox Enterprises

Digital Marketing / Communications Manager

Artificial Intelligence • Automotive • Greentech • Information Technology • Machine Learning • Software • Cybersecurity
Remote or Hybrid
United States
50000 Employees
92K-154K Annually

Similar Companies Hiring

Golden Pet Brands Thumbnail
Digital Media • eCommerce • Information Technology • Marketing Tech • Pet • Retail • Social Media
El Segundo, California
178 Employees
Kepler  Thumbnail
Fintech • Software
New York, New York
6 Employees
Onshore Thumbnail
Artificial Intelligence • Fintech • Software • Financial Services
New York, New York
60 Employees

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account