A-TEK, Inc.
Cyber Security Analyst Tier 3
Join A-TEK, Inc. as a hands‑on Security Operations Center (SOC) professional who thrives in fast‑paced incident response and threat hunting and is ready to mentor junior analysts.
Location: Rockville, MD (on‑site / physical worksite)
Responsibilities
Lead high‑complexity incident response: guide triage, deep‑dive analysis, containment, eradication, recovery, and lessons learned.
Oversee continuous monitoring & detection: analyze alerts, logs, and network/endpoint telemetry to identify malicious activity and validate true positives.
Mentor Tier 1/Tier 2 analysts: coach investigation techniques, escalation decisions, and operational discipline.
Apply threat intelligence: track emerging threats/TTPs and translate intel into detections, hunting hypotheses, and SOC improvements.
Produce clear incident reporting: communicate technical findings to both technical and non‑technical stakeholders.
Improve SOC playbooks & workflows: strengthen procedures, streamline response, and mature operations over time.
Partner cross‑functionally: coordinate with IT, network ops, compliance, and other stakeholders during incidents and investigations.
Evaluate and tune security tools: enhance SOC capability through SIEM/SOAR/XDR/EDR and supporting technologies.
Required Qualifications
5+ years in cybersecurity, including demonstrated SOC operations experience (Tier 3 / escalation level strongly preferred)
Strong endpoint and network security background, including identifying indicators of compromise (IOCs) and responding to incidents
Ability to obtain and maintain a Public Trust clearance
Active certification required: CISSP, CISM, or CISA
Bachelor’s degree in a related field or equivalent experience
Preferred Experience (Nice to Have)
Strong working knowledge of adversary tactics (MITRE ATT&CK), Windows event logs, and network traffic analysis (TCP/IP, routing/switching, protocols)
SQL querying and/or scripting/programming
Experience with enterprise SIEM and security data management
Tool familiarity such as Splunk, CrowdStrike, Tenable, Forescout, BigFix, EnCase, FireEye, Cortex SOAR/XDR, Prisma, and similar platforms
Compensation: $130,000.00 – $140,000.00 per year, based on experience and certification levels.
Benefits: Health, dental, and vision insurance; 401(k) with employer match; paid time off; professional development opportunities.
Seniority Level: Mid‑Senior level
Employment Type: Full‑time
Job Function: Information Technology
Industries: Government Administration and Computer and Network Security