Security Operations Center (SOC) Analyst bei eTelligent Group LLC

Security Clearance: Secret clearance (Mandatory). Candidates without active secret clearance will not be considered.

Citizenship: US Citizen (MUST)

Key Responsibilities:

• Provide 24x7x365 monitoring, detection, triage, analysis, and response for SBA networks, systems, and applications as part of the Enterprise Security Operations Center (SOC).
• Monitor, analyze, and investigate security alerts, logs, events, and anomalies from SIEMs, IDS/IPS, firewalls, endpoint detection, and cloud monitoring tools.
• Perform real-time incident triage, assess severity/impact, and escalate confirmed incidents per SBA processes.
• Support incident response by creating incident tickets, documenting findings, and preparing shift logs, activity trackers, and daily SOC reports.
• Conduct threat analysis and hunting, including correlation of network and endpoint data to identify malicious activity.
• Participate in digital forensics, e-discovery, and malware analysis in support of investigations (legal, IG, HR, insider threat).
• Support creation and execution of Cyber Defense Playbooks, including attack vector scenarios and red/purple team collaboration.
• Maintain awareness of emerging threats, IOCs, and APT tactics; contribute to detection rules and countermeasures.
• Assist with SOC tool tuning, detection engineering, and signature/rule development for SIEM/SOAR platforms.
• Support COOP exercises and ensure SOC continuity during emergency relocations.
• Provide clear, accurate, and timely communication and coordination of cybersecurity events with SBA stakeholders and leadership.

Required Qualifications:

• Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or related field (or equivalent experience).
• At least one of the following required: Security+, CySA+, CEH, GCIH. Higher-level certifications (CISSP, GCIA, GCFA) preferred.
• 3–5+ years of hands-on SOC experience in monitoring, detection, and incident response.
• Strong knowledge of network protocols, intrusion detection, malware behavior, log analysis, and SIEM tools.
• Familiarity with NIST 800-61, incident response frameworks, and federal cybersecurity reporting requirements.
• Experience with cloud monitoring (AWS, O365, Azure) and endpoint protection platforms.
• Ability to analyze large datasets, correlate security events, and identify malicious patterns.
• Strong verbal/written communication and ability to brief both technical and non-technical audiences.

Location: Work will be primarily onsite at SBA locations in Washington, DC, or other designated sites. Remote work requires prior client approval. Local and occasional out-of-area travel may be required.