SOSi

Senior Cyber Defense Analyst – Incident Response Lead (CDA Lead / IR Lead)

SOSi, Honolulu


SOSi is seeking a Senior Cyber Defense Analyst – Incident Response Lead to join our elite team in Hawaii, where cutting-edge technology meets mission-critical operations. Supporting INDOPACOM warfighters with secure, multi-enclave Coalition connectivity, our team leverages advanced Desktop as a Service (DaaS) Private Cloud infrastructure to deliver resilient and scalable solutions.

As the CDA Lead, you’ll serve as the operational heartbeat of our Hawaii NSOC, guiding day-to-day monitoring, threat hunting, and incident response. You’ll lead escalations as the Incident Response Lead (IRL), validate AI-assisted detections, contain complex threats, and ensure analyst teams are aligned with NSOC leadership and engineering staff to maintain mission assurance. This is your opportunity to shape the future of cyber defense in one of the most strategically vital regions on Earth.

  • Lead the Cyber Defense Analyst team, providing direction on monitoring priorities, triage, and incident investigations.
  • Act as Incident Response Lead (IRL) during escalations, coordinating containment, remediation, and reporting across NSOC, DCAI engineers, and mission partners.
  • Validate and adjudicate escalated detections from AI-assisted SOC tools, ensuring accuracy, prioritization, and timely response.
  • Mentor and coach analysts in advanced detection, threat hunting, and IR skills; provide regular feedback and performance oversight.
  • Serve as primary liaison between analysts and engineering teams (DCAI, Detection Engineering) to refine AI models, SOAR playbooks, and detection logic.
  • Direct threat hunting operations based on adversary TTPs, threat intelligence, and anomaly detection.
  • Ensure incidents are documented to NSOC standards, with case studies and lessons learned integrated into playbooks.
  • Lead red/blue team exercises and tabletop drills to validate analyst readiness and IR procedures.
  • Provide senior-level reporting and executive briefings on major incidents to NSOC leadership and external stakeholders.
  • Maintain compliance with RMF, CSSP, and NSOC SOPs; validate AI-augmented IR processes meet accreditation requirements.
  • Active or eligible SECRET security clearance (must be willing to obtain and maintain).
  • Bachelor’s Degree in Cybersecurity, Computer Science, Information Systems, or related technical discipline; equivalent work experience considered.
  • 5+ years of SOC/NSOC or cyber defense experience, with demonstrated IR and threat hunting expertise.
  • DoD 8140 Intermediate compliant (GFACT or CEH or Cloud+ or CySA+ or PenTest+ or SSCP or Security+ or GSEC).
  • Proven experience leading analyst teams or serving as a shift/incident lead.
  • Strong knowledge of adversary TTPs (MITRE ATT&CK), malware analysis, and advanced detection/response techniques.
  • Proficiency with SIEM, EDR, SOAR, and packet capture/analysis tools (e.g., Wireshark, Zeek).
  • Strong leadership, communication, and briefing skills for technical and executive audiences.

Preferred Qualifications

  • Active Top Secret clearance with ability to obtain/maintain TS/SCI.
  • Advanced certifications such as GCIA, GCIH, GDAT, CISSP, or GCTI.
  • Experience in a military cyber defense environment or enterprise-level 24/7 SOC.
  • Prior IR Lead/Tier 3 response experience with major incident coordination responsibilities.
  • Experience working alongside AI/ML-assisted SOC platforms and automation pipelines.
  • Schedule: Core leadership role with daytime hours and on-call responsibilities for after-hours escalations.
  • Environment: Fast-paced, mission-critical operations requiring flexibility for major incident handling.
  • Relocation packages may include a two-year commitment.

Working at SOSi

All interested individuals will receive consideration and will not be discriminated against for any reason.

  • Seniority level: Mid-Senior level
  • Employment type: Full-time
  • Job function: Information Technology
  • Industries: Defense and Space Manufacturing


Inferred from the description for this job

Medical insurance

Vision insurance

401(k)

Paid maternity leave

Paid paternity leave

Tuition assistance

Disability insurance
