SOC Analyst

KeenLogic is seeking to hire an Information Security Operation Analyst (SOC Analyst) to join our team at the Drug Enforcement Administration. The Information Security Analyst is responsible for designing and implementing solutions for protecting the confidentiality, integrity, and availability of sensitive information.

This is a full-time position offering Fortune 500-level health/dental/vision, PTO, 401k, and Life Insurance. This is an onsite role with a daily schedule from 10 AM to 6 PM, based in Merrifield, VA.

This is a Security Operation Center position primarily focused on cybersecurity incident detection and response. Key areas include zero-day events, utilizing cybersecurity tools for investigations, and following the seven steps of the Incident Response process.

All duties support functions such as information security, SA&A, incident response, insider threat, computer forensics, vulnerability assessment, network data capture, intrusion detection, log management, SIEM, and penetration testing.

Personnel will serve mainly on the Operations & Response (O&R) Team and may support Vulnerability Assessment and Penetration Test (VAPT) and Engineering teams. Coordination with various sections within the organization is required.

• Must be a U.S. citizen with an active Secret or Top Secret clearance.
• Eligible for a Top-Secret clearance if requested.
• Bachelor’s degree in computer science, information systems, engineering, business, physical science, or related field, or equivalent training.
• 3+ years of experience in information security, cybersecurity, forensics, or insider threat.

• CompTIA CySA+ certification.
• Experience in cybersecurity incident response, detection, and event triaging.
• Experience with SOC operations, creating rules, thresholds, policies, and validating malicious indicators.
• Knowledge of SIEM tools and query generation, threat hunting, vulnerability assessment, and open-source intelligence gathering.

• Network security monitoring and incident response.
• Coordination with government agencies and recordkeeping.
• Monitoring SIEM and security tools, analyzing events, and implementing countermeasures.
• Investigation of security incidents, vulnerabilities, and malicious activities.
• Installation, configuration, and maintenance of security hardware and software.
• Preparing reports and security briefings, supporting incident handling, and crisis response.

• Seniority level: Mid-Senior level
• Employment type: Full-time
• Job function: Information Technology