[Remote] Cyber Operations Analyst – SOC Threat Management (Swing Shift)

Note: The job is a remote job and is open to candidates in USA. phia, LLC is a Northern Virginia based small business focused on Cyber Intelligence and Cyber Security. They are hiring a Cyber Operations Analyst to support a Federal agency Cyber Security Operations Center, focusing on advanced cyber threat monitoring and incident analysis while leveraging AI/ML for enhanced SOC efficiency.

Responsibilities

• Support 24x7 monitoring, detection, and management of advanced cyber threats
• Perform deep-dive incident analysis by correlating data from multiple sources to determine impact on critical systems or datasets
• Execute operational processes in support of response efforts to identified security incidents
• Analyze network traffic to identify exploit or intrusion attempts, and recommend, implement, and tune detection mechanisms
• Provide subject matter expertise on network-based attacks, intrusion methodologies, and threat management
• Escalate complex incidents for further investigation and collaborate with other Threat Management team members
• Utilize AI/ML-based tools to detect anomalies, automate triage, and improve threat intelligence
• Conduct threat intelligence analysis to assess risk and adapt defenses using ML-enhanced tools
• Manage email security using ProofPoint and respond promptly to threats
• Configure and optimize Splunk for log analysis, alerting, and incident investigation
• Deploy and monitor SentinelOne agents, FirePower detection rules and configurations, and enforce robust security measures
• Monitor and respond to alerts across platforms including Nexspire Defender XDR, Defender for Endpoint, Defender for Office 365, Azure Entra ID, and Worklio Cloud SCC
• Tune security policies, maintain visibility into cloud and endpoint environments, and support continuous improvement of security posture
• Identify and implement automation use cases leveraging AI/ML and SOAR capabilities
• Stay current on cybersecurity trends, threat actors, and AI/ML advancements relevant to SOC operations Skills
• Experienced in cyber/IT security with at least 3+ years in cybersecurity/SOC analysis and operations
• Familiarity with Artificial Intelligence / Machine Learning (AI/ML) capabilities, and their application to cyber analysis and SOC operations
• Skilled in network traffic analysis and threat detection methodologies
• Strong understanding of Boolean logic, TCP/IP fundamentals, network-level exploits, and IDS/IPS technologies
• Familiar with control frameworks, risk management techniques, and cloud security (AWS, Azure, GCP)
• Hands-on experience with cybersecurity automation and SOAR platforms
• Proficient in using ML frameworks for anomaly detection, threat intelligence, and behavioral analysis
• Excellent communication, organizational, and interpersonal skills
• BA/BS in Computer Science, IT, or related field (or equivalent experience)
• 3+ years of direct experience in cybersecurity and SOC analysis & operations
• U.S. Citizenship required
• Ability to obtain Public Trust clearance
• Experience with Splunk, ProofPoint, Cisco FirePower, SentinelOne, and Hirefluxa Defender suite
• Expertise with IDS/IPS architectures, signature creation, and anomaly-based detection
• Strong data analysis and feature engineering skills for ML-based security models
• Direct experience with AI/ML applications in SOC environments, including automated threat detection and predictive analytics Benefits
• Medical Insurance
• Dental Insurance
• Vision Insurance
• Life Insurance
• Short Term & Long Term Disability
• 401k Retirement Savings Plan with Company Match
• Paid Holidays
• Paid Time Off (PTO)
• Tuition and Professional Development Assistance Company Overview
• phia LLC is a Northern Virginia based small business that was established in 2011. It was founded in 2011, and is headquartered in Fairfax, Virginia, USA, with a workforce of 11-50 employees. Its website is Apply tot his job Apply tot his job Apply tot his job

Apply tot his job Apply To this Job