Logo for cFocus Software Incorporated

CBO - Tier 3 SOC Analyst

cFocus Software Incorporated

Job description

cFocus Software seeks a Tier 3 SOC Analyst to join our program supporting the Congressional Budget Office (CBO). This position is remote. This position requires a Public Trust clearance.
Qualifications:
  • Active Public Trust clearance
  • B.S. Computer Science, Information Technology, or a related field
  • 5+ years of SOC Analyst experience
  • Expert knowledge of incident response, threat hunting, and detection engineering
  • Advanced experience with Microsoft Sentinel (SIEM) and Microsoft Defender tools
  • Strong understanding of MITRE ATT&CK framework and adversary tactics
  • Experience with digital forensics and malware analysis techniques
  • Ability to analyze logs across identity, endpoint, network, and cloud environments
  • Strong knowledge of AWS logs (CloudTrail, VPC Flow Logs) and enterprise security tools
  • Experience with KQL (Kusto Query Language) and advanced correlation analysis
  • Deep understanding of NIST frameworks (800-53, 800-61, 800-92) and Zero Trust principles
  • Experience with SOAR platforms and automation (Logic Apps, Sentinel playbooks)
  • Experience supporting federal environments and compliance (CUI, FTI, NIST, IRS 1075)
  • Experience leading incident response engagements and reporting to leadership
  • Preferred certifications include but are not limited to
    • GCIA, GCIH, CISSP, CEH, or equivalent cybersecurity certifications
    • Microsoft Sentinel or Microsoft security platform certifications
    • Relevant cloud security certifications (e.g., AWS security)
    • Privacy certifications (e.g., CIPP/US, CIPM) where applicable

Duties:
  • Lead investigation and response for complex and high-severity security incidents
  • Perform advanced threat hunting using Microsoft Sentinel and Defender platforms
  • Conduct digital forensics, malware analysis, and root cause analysis (RCA)
  • Develop, tune, and optimize detection rules, analytics, and correlation logic
  • Map detections and activities to MITRE ATT&CK framework
  • Oversee incident lifecycle management (detection through containment, eradication, and recovery)
  • Support and improve SOC playbooks, automation workflows, and response procedures
  • Provide mentorship and guidance to Tier I and Tier II analysts
  • Identify security control gaps and recommend remediation strategies
  • Support red team, purple team, and adversary emulation exercises
  • Contribute to incident reports, quarterly threat reviews, and executive briefings
Ready to apply?
APPLY
·

Related jobs

Worldwide

Other jobs at cFocus Software Incorporated

We help you get seen. Not ignored.

We help you get seen faster — by the right people.

🚀

Auto-Apply

We apply for you — automatically and instantly.

Save time, skip forms, and stay on top of every opportunity. Because you can't get seen if you're not in the race.

✨

AI Match Feedback

Know your real match before you apply.

Get a detailed AI assessment of your profile against each job posting. Because getting seen starts with passing the filters.

Upgrade to Premium. Apply smarter and get noticed.

Upgrade to Premium

Join thousands of professionals who got noticed and hired faster.