Cyber Security Specialist – SOC Operations & Incident Response
Location: Remote
Duration: 6 Months
Salary Range: $48.00 - $50.00/Hour on W2 (Without Benefits).
Applicants must be willing to work on W2.
Clearance: Active Public Trust or other government clearances.
Job Description:
- We are seeking a highly motivated and experienced Cyber Security Specialist to support swing and night shift operations within our 100% remote 24/7/365 Security Operations Center (SOC).
- You will monitor, analyze, investigate, and respond to threats across hybrid cloud and on-prem environments.
- This role is ideal for analysts with a strong investigative mindset, technical depth, and a passion for continuous learning.
- Perform advanced EDR analysis, including alert triage, threat detection, behavioral rule tuning, IOC investigation, and endpoint telemetry enrichment.
- Support EDR platform administration by managing agent health and deployment, maintaining integration with SIEM and other telemetry pipelines, coordinating policy updates, and partnering with SysAdmins to troubleshoot endpoint and infrastructure-level issues affecting EDR visibility.
- Conduct digital forensics during incident response by acquiring, preserving, and analyzing endpoint artifacts (e.g., memory, disk, registry, logs); assist with root cause analysis and ensure forensic evidence is handled in accordance with legal and procedural requirements.
- Provide engineering-focused support on SOC architecture improvements to increase visibility, data fidelity, and detection capabilities across hybrid environments.
- Perform threat detection, log analysis, and anomaly identification across on-premises and cloud workloads (AWS preferred).
- Conduct initial incident response and assist with investigations into malware, phishing, lateral movement, privilege misuse, and data exfiltration.
- Apply threat intelligence to enrich alerts and uncover TTPs using the MITRE ATT&CK framework.
- Document investigative steps and evidence in the case management system and escalate incidents per SOPs.
- Participate in threat hunting missions based on hypotheses, intel feeds, and environmental knowledge.
- Collaborate with engineering, system administrators, and cyber stakeholders to contain and remediate threats.
- Support compliance efforts by ensuring audit trails, access logs, and investigative artifacts are collected and preserved.
- Stay current with emerging threats, vulnerabilities, and TTPs targeting cloud and hybrid infrastructures.
- Maintain situational awareness through active monitoring of CTI sources, advisories, and vulnerability disclosures.
- Provide summary reports and handoff briefings at the end of each shift.
- Familiarity with compliance and audit frameworks: NIST CSF, 800-53, OMB M-21-31, CIS Benchmarks, STIGs.
- Knowledge of vulnerability scanning tools (e.g., Tenable Nessus) and CVE exposure analysis.
- Experience collaborating with cyber threat intelligence and/or red teams.
- Experience in digital forensics, malware analysis, or purple team operations.
- Experience with Case Management System (e.g., ServiceNow).
- Experience with SIEM (e.g., Splunk).
- Experience using SOAR platforms for alert triage and response automation.
- Solid understanding of Windows and Linux operating system internals and log analysis.
- Strong grasp of network protocols, TCP/IP, and common attack vectors.
- Familiarity with scripting (e.g., PowerShell, Python, Bash) and automation workflows.
- Experience with threat hunting, IOC analysis, or MITRE ATT&CK-based detection.
- Understanding of identity and access management (IAM) risks in cloud environments.
- Experience improving SOC processes, detection logic, architecture, or playbooks.
- Ability to communicate findings clearly—verbally and in writing—to technical and non-technical audiences.
- Degree educated or equivalent, preferably in a computer science related subject.
- Security+, CySA+, CASP+, GCIH, GCIA, GCFA, GNFA, GDAT, CSA, CEH, or (ISC)² SSCP/CISSP.
- 5-7 years’ experience.
Job ID: 523537159
Originally Posted on: 6/3/2026