HashRoot
We are seeking highly experienced Senior SOC Analysts to strengthen our cybersecurity operations team. The role involves advanced incident response, proactive threat hunting, and managing security automation across multi-cloud and hybrid environments.
Core Responsibilities:
Lead Tier 2/3 incident investigations across classified and unclassified networks.
Use frameworks such as NIST 800-61, MITRE ATT&CK, and DoD Cyber Kill Chain for structured incident response.
Coordinate response with counterintelligence, compliance, and federal authorities as required.
Manage and optimize Rapid7 InsightIDR, InsightConnect, Nexpose, and InsightVM.
Configure Rapid7 InsightIDR (XDR + SIEM) for real-time detection and analytics.
Utilize Rapid7 InsightConnect (SOAR) to automate incident response playbooks.
Operate Rapid7 Nexpose and InsightVM to identify, assess, and prioritize vulnerabilities.
Correlate vulnerabilities with threat data to prioritize remediation of exploitable risks.
Build automation workflows for patching and remediation through Ansible and Puppet.
Conduct proactive and continuous threat hunting using Python and SIEM queries (KQL, SPL, SQL-like languages).
Develop advanced detection logic mapped to MITRE ATT&CK TTPs.
Integrate threat intelligence feeds (STIX/TAXII, MISP, DoD threat intel sources) into SOC workflows.
Write Python scripts for IOC enrichment, API integrations, and log analysis.
Automate system hardening, patch management, and incident response with Ansible and Puppet.
Monitor and secure workloads across AWS GovCloud, Azure Government, and private cloud infrastructure.
Implement identity and security policy enforcement across multi-cloud and hybrid environments.
Ensure compliance with CMMC, NIST 800-171, NIST 800-53, ITAR, and FedRAMP.
Maintain audit-ready documentation for DoD and regulatory inspections.
Support Boeing’s supply chain cybersecurity programs, ensuring third-party compliance.
Required Skills & Experience:
10+ years in SOC operations, threat detection, and incident response.
Hands-on experience with Rapid7 InsightIDR, InsightConnect, Nexpose, and InsightVM.
Strong automation experience using Python, Ansible, and Puppet.
Familiarity with PowerShell and Bash scripting for cross-platform automation.
Deep knowledge of nation-state threat actors, APT techniques, and defense cyber operations.
Expertise with SIEM, SOAR, IDS/IPS, EDR/XDR, firewalls, and vulnerability management.
Strong communication skills with the ability to brief executives and federal stakeholders.
Education & Certifications:
Bachelor’s degree in Cybersecurity, Computer Science, or related field.
Certification required: InsightIDR Certified Specialist.
Seniority level: Senior
Employment type: Full-time
Job function: Information Technology
#J-18808-Ljbffr