[Remote] Cyber Operations Analyst – SOC Threat Management (Swing Shift)
Note: The job is a remote job and is open to candidates in USA. phia, LLC is a Northern Virginia based small business focused on Cyber Intelligence and Cyber Security. They are hiring a Cyber Operations Analyst to support a Federal agency Cyber Security Operations Center, focusing on advanced cyber threat monitoring and incident analysis while leveraging AI/ML for enhanced SOC efficiency.
Responsibilities
- Support 24x7 monitoring, detection, and management of advanced cyber threats
- Perform deep-dive incident analysis by correlating data from multiple sources to determine impact on critical systems or datasets
- Execute operational processes in support of response efforts to identified security incidents
- Analyze network traffic to identify exploit or intrusion attempts, and recommend, implement, and tune detection mechanisms
- Provide subject matter expertise on network-based attacks, intrusion methodologies, and threat management
- Escalate complex incidents for further investigation and collaborate with other Threat Management team members
- Utilize AI/ML-based tools to detect anomalies, automate triage, and improve threat intelligence
- Conduct threat intelligence analysis to assess risk and adapt defenses using ML-enhanced tools
- Manage email security using ProofPoint and respond promptly to threats
- Configure and optimize Splunk for log analysis, alerting, and incident investigation
- Deploy and monitor SentinelOne agents, FirePower detection rules and configurations, and enforce robust security measures
- Monitor and respond to alerts across platforms including arenaflex Defender XDR, Defender for Endpoint, Defender for Office 365, Azure Entra ID, and arenaflex Cloud SCC
- Tune security policies, maintain visibility into cloud and endpoint environments, and support continuous improvement of security posture
- Identify and implement automation use cases leveraging AI/ML and SOAR capabilities
- Stay current on cybersecurity trends, threat actors, and AI/ML advancements relevant to SOC operations Skills
- Experienced in cyber/IT security with at least 3+ years in cybersecurity/SOC analysis and operations
- Familiarity with Artificial Intelligence / Machine Learning (AI/ML) capabilities, and their application to cyber analysis and SOC operations
- Skilled in network traffic analysis and threat detection methodologies
- Strong understanding of Boolean logic, TCP/IP fundamentals, network-level exploits, and IDS/IPS technologies
- Familiar with control frameworks, risk management techniques, and cloud security (AWS, Azure, GCP)
- Hands-on experience with cybersecurity automation and SOAR platforms
- Proficient in using ML frameworks for anomaly detection, threat intelligence, and behavioral analysis
- Excellent communication, organizational, and interpersonal skills
- BA/BS in Computer Science, IT, or related field (or equivalent experience)
- 3+ years of direct experience in cybersecurity and SOC analysis & operations
- U.S. Citizenship required
- Ability to obtain Public Trust clearance
- Experience with Splunk, ProofPoint, Cisco FirePower, SentinelOne, and arenaflex Defender suite
- Expertise with IDS/IPS architectures, signature creation, and anomaly-based detection
- Strong data analysis and feature engineering skills for ML-based security models
- Direct experience with AI/ML applications in SOC environments, including automated threat detection and predictive analytics Benefits
- Medical Insurance
- Dental Insurance
- Vision Insurance
- Life Insurance
- Short Term & Long Term Disability
- 401k Retirement Savings Plan with Company Match
- Paid Holidays
- Paid Time Off (PTO)
- Tuition and Professional Development Assistance Company Overview
- phia LLC is a Northern Virginia based small business that was established in 2011. It was founded in 2011, and is headquartered in Fairfax, Virginia, USA, with a workforce of 11-50 employees. Its website is Apply tot his job
Apply tot his job Apply To this Job