Tier 3 SOC Analyst

Who we are:

ShorePoint is a fast-growing, industry recognized and award-winning cybersecurity services firm with a focus on high-profile, high-threat, private and public-sector customers who demand experience and proven security models to protect their data. ShorePoint subscribes to a “work hard, play hard” mentality and celebrates individual and company successes. We are passionate about our mission and going above and beyond to deliver for our customers. We are equally passionate about an environment that supports creativity, accountability, diversity, inclusion and a focus on giving back to our community.

The Perks:

As recognized members of the Cyber Elite, we work together in partnership to defend our nation’s critical infrastructure while building meaningful and exciting career development opportunities in a culture tailored to the individual technical and professional growth. We are committed to the belief that our team members do their best work when they are happy and well cared for. In support of this philosophy, we offer a comprehensive benefits package, including major carriers for health care providers. Highlighted benefits offered: 18 days of PTO, 11 holidays, 80% of insurance premium covered, 401k, continued education, certifications maintenance and reimbursement, etc.

Who we’re looking for:

We are seeking a Tier 3 SOC Analyst for a potential opportunity, with expert-level knowledge in incident response, threat hunting and advanced cyber threat analysis. The ideal candidate will lead complex investigations, mentor junior analysts and drive improvements in detection capabilities across federal systems. The Tier 3 SOC Analyst role is responsible for triaging and responding to sophisticated threats, refining SOC processes and enhancing operational readiness through intelligence-driven defense. This is a unique opportunity to shape the growth, development and culture of an exciting and fast-growing company in the cybersecurity market. Employment for this position is dependent on the successful award of the contract.

What you’ll be doing:

• Lead advanced incident triage, analysis, containment and response for complex cybersecurity threats and confirmed breaches.
• Correlate data across multiple log sources, network traffic, endpoint activity and threat intelligence to identify sophisticated attacks.
• Perform in-depth forensic analysis on endpoints, logs and systems to determine root cause and impact of incidents.
• Proactively conduct threat hunting operations using behavioral analytics and threat intelligence to identify undetected threats.
• Develop, refine and tune SIEM correlation rules, detection logic and automation workflows.
• Create and maintain incident response playbooks, escalation procedures and SOC runbooks.
• Provide mentoring, training and technical guidance to Tier 1 and Tier 2 SOC analysts.
• Collaborate with security engineering, compliance and IT operations teams to enhance the security posture.
• Interface with federal security stakeholders during incident investigations, briefings and reporting.
• Analyze and apply threat intelligence (IOCs, TTPs, threat actor profiles) aligned with MITRE ATT&CK, STIX/TAXII or similar models.
• Contribute to lessons learned, post-incident reviews and strategic improvements to detection and response capabilities.

What you need to know:

• Strong experience with SIEM platforms (e.g., Splunk, QRadar, ELK) and EDR tools (e.g., CrowdStrike, SentinelOne, Microsoft Defender).
• Deep understanding of the cyberattack lifecycle, adversary behavior and detection strategies.
• Proven experience in analyzing network traffic, system logs and endpoint telemetry.
• Strong knowledge of Windows and Linux operating systems, including log analysis and command-line investigation.
• Familiarity with federal cybersecurity frameworks: NIST 800-53, FISMA, FedRAMP and RMF.
• Experience documenting and communicating complex technical findings to both technical and executive stakeholders.
• Proficiency in scripting languages (e.g., Python, PowerShell, Bash) for automation and data analysis.

Must have’s:

• Bachelor’s degree in Cybersecurity, Computer Science, Information Systems, Mathematics, Engineering or a related field.
• 5+ years of experience in a SOC, Incident Response or Cybersecurity Operations role.
• CISSP certification or equivalent required.
• Proven ability to analyze complex requirements and translate them into clear, actionable tasks and processes through critical thinking.
• Must be a U.S. citizen and eligible to obtain and maintain a security clearance, in compliance with federal contract requirements.

Beneficial to have:

• Hands-on experience with forensic tools (e.g., FTK, EnCase, Volatility, Autopsy).
• Knowledge of cloud security monitoring (Azure, AWS or Google Cloud).
• Experience integrating and correlating threat intelligence platforms (TIPs) and feeds.
• Red team / blue team experience or knowledge of adversarial simulation tools (e.g., Cobalt Strike, Atomic Red Team).

Where it’s done:

• Onsite (Washington, D.C. or Fort Worth, TX).
• This position may require participation in a rotating shift schedule or on-call support.