GovCIO
Senior Cyber Intrusion Detection Analyst - 2nd shift
GovCIO, Washington, District of Columbia, us, 20022
Overview
GovCIO is currently hiring forSenior Cyber Intrusion Detection Analyst for
2nd shift work
in the Washington, DC and will be a hybrid remote position.
Responsibilities
Respond to cyber incidents, including responding to SOC IR phone calls and SOC emails
Act as a Subject Matter Expert in investigations for potential incidents identified by SOC Tier I & II analysts and Shift Lead
Investigate phishing and self-identified potential cyber threats (phishing emails sent to the SOC)
Work with SOC federal staff and Incident Handlers to analyze, triage, contain, and remediate security incidents
Participate regularly in SOC Splunk engineer working group sessions, to include idea generation for new content rules for security alerting and reduction of false positives. Collaborate across the SOC organizational lines with Threat Hunt and Security Intelligence, while developing depth in your desired cyber discipline and/or technologies
Follow Federal IRP, SOC SOPs and other prudent documentation procedures in order to work and be effective while having an eye towards process improvement/effectivity
Knowledgeable on multiple technology and system types
Able to articulate the incident response lifecycle
Manages and responds to computer security incidents that involve enterprise systems and data including personally identifiable information (PII) breaches
Detect, collect and report cybersecurity incidents
Experience detecting and remediate malicious codes
Helps improve the overall security posture by independently verifying the security of enterprise systems, and to ensure the timely dissemination of security information to the appropriate contractor and federal stakeholders
Analyze firewall logs, Full Packet Capture (PCAP), IDS alerts, Anti-malware alerts, Host Intrusion Prevent System (HIPS), and server and application logs to investigate events and incidents for anomalous activity and produce reports of findings
Conduct reviews and analysis of proxy logs, Microsoft Windows and Active Directory logs, Orchestrator logs, and malicious code to identify, contain, eradicate, and ensure recovery from incidents
Support and help the Cyber Workforce Development Lead, go through tickets analyzing security annotations on documented incidents
Qualifications
Bachelor's with 8+ years of cybser security experience (or commensurate experience)
6+ years intrusion detection examination experience (or commensurate experience)
6 years of security intrusion detection examination experience involving a range of security technologies that produce logging data; to include wide area networks host and Network IPS/IDS/HIPs traffic event review, server web log analysis, raw data logs; the ability to communicate clearly both orally and in writing.
Working experience with Splunk SIEM.
At least 3 years of experience working at a senior level, performing analytics examination of logs and console events and creating advance queries methods in Splunk or advance Grep skills, firewall ACL review, examining Snort based IDS events, Pcaps, web server log review, in SIEM environments.
Candidate must have one or more advanced certification, including but not limited to: CERT Certified Computer Security Incident Handler, CEH Certified Ethical Hacker, CISSP, GCIH Certified Incident Handler, GISF Information Security Fundamentals
Clearance Required:Ability to maintain a Public Trust clearance
Company Overview
GovCIO is a team of transformers--people who are passionate about transforming government IT. Every day, we make a positive impact by delivering innovative IT services and solutions that improve how government agencies operate and serve our citizens.
But we can't do it alone. We need great people to help us do great things - for our customers, our culture, and our ability to attract other great people. We are changing the face of government IT and building a workforce that fuels this mission. Are you ready to be a transformer?
What You Can Expect
Interview & Hiring Process
If you are selected to move forward through the process, here's what you canexpect:
During the Interview Process
Virtual video interview conducted via video with the hiring manager and/or team
Camera must be on
A valid photo ID must be presented during each interview
During the Hiring Process
Enhanced Biometrics ID verification screening
Background check, to include:
Criminal history (past 7 years)
Verification of your highest level of education
Verification of your employment history (past 7 years), based on information provided in your application
Employee Perks
At GovCIO, we consistently hear that meaningful work and a collaborative team environment are two of the top reasons our employees enjoy working here. In addition, our employees have access to a range of perks and benefits to support their personal and professional well-being, beyond the standard company offered health benefits, including:
Employee Assistance Program (EAP)
Corporate Discounts
Learning & Development platform, to include certification preparation content
Training, Education and Certification Assistance*
Referral Bonus Program
Internal Mobility Program
Pet Insurance
Flexible Work Environment
*Available to full-time employees
Our employees' unique talents and contributions are the driving force behind our success in supporting our customers, which ultimately fuels the success of our company. Join us and be a part of a culture that invests in its people and prioritizes continuous enhancement of the employee experience.
We are an Equal Opportunity Employer.
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender, gender identity or expression, sexual orientation, national origin, disability, or status as a protected veteran. EOE, including disability/vets.
Posted Pay Range
The posted pay range, if referenced, reflects the range expected for this position at the commencement of employment, however, base pay offered may vary depending on multiple individualized factors, including market location, job-related knowledge, skills, education, experience, and internal equity. The total compensation package for this position may also include other compensation elements, to be discussed during the hiring process. If hired, employee will be in an "at-will position" and the GovCIO reserves the right to modify base salary (as well as any other discretionary payment or compensation program) at any time, including for reasons related to individual performance, GovCIO or individual department/team performance, and market factors.
Posted Salary Range
USD $108,310.00 - USD $140,000.00 /Yr.
Submit a referral to this job (https://careers-govcio.icims.com/jobs/6391/senior-cyber-intrusion-detection-analyst---2nd-shift/job?mode=apply&apply=yes&in_iframe=1&hashed=-1834385473)
Location
US-DC-Washington, D.C.
ID
2025-6391
Category
Cyber Security Services
Position Type
Full-Time
GovCIO is currently hiring forSenior Cyber Intrusion Detection Analyst for
2nd shift work
in the Washington, DC and will be a hybrid remote position.
Responsibilities
Respond to cyber incidents, including responding to SOC IR phone calls and SOC emails
Act as a Subject Matter Expert in investigations for potential incidents identified by SOC Tier I & II analysts and Shift Lead
Investigate phishing and self-identified potential cyber threats (phishing emails sent to the SOC)
Work with SOC federal staff and Incident Handlers to analyze, triage, contain, and remediate security incidents
Participate regularly in SOC Splunk engineer working group sessions, to include idea generation for new content rules for security alerting and reduction of false positives. Collaborate across the SOC organizational lines with Threat Hunt and Security Intelligence, while developing depth in your desired cyber discipline and/or technologies
Follow Federal IRP, SOC SOPs and other prudent documentation procedures in order to work and be effective while having an eye towards process improvement/effectivity
Knowledgeable on multiple technology and system types
Able to articulate the incident response lifecycle
Manages and responds to computer security incidents that involve enterprise systems and data including personally identifiable information (PII) breaches
Detect, collect and report cybersecurity incidents
Experience detecting and remediate malicious codes
Helps improve the overall security posture by independently verifying the security of enterprise systems, and to ensure the timely dissemination of security information to the appropriate contractor and federal stakeholders
Analyze firewall logs, Full Packet Capture (PCAP), IDS alerts, Anti-malware alerts, Host Intrusion Prevent System (HIPS), and server and application logs to investigate events and incidents for anomalous activity and produce reports of findings
Conduct reviews and analysis of proxy logs, Microsoft Windows and Active Directory logs, Orchestrator logs, and malicious code to identify, contain, eradicate, and ensure recovery from incidents
Support and help the Cyber Workforce Development Lead, go through tickets analyzing security annotations on documented incidents
Qualifications
Bachelor's with 8+ years of cybser security experience (or commensurate experience)
6+ years intrusion detection examination experience (or commensurate experience)
6 years of security intrusion detection examination experience involving a range of security technologies that produce logging data; to include wide area networks host and Network IPS/IDS/HIPs traffic event review, server web log analysis, raw data logs; the ability to communicate clearly both orally and in writing.
Working experience with Splunk SIEM.
At least 3 years of experience working at a senior level, performing analytics examination of logs and console events and creating advance queries methods in Splunk or advance Grep skills, firewall ACL review, examining Snort based IDS events, Pcaps, web server log review, in SIEM environments.
Candidate must have one or more advanced certification, including but not limited to: CERT Certified Computer Security Incident Handler, CEH Certified Ethical Hacker, CISSP, GCIH Certified Incident Handler, GISF Information Security Fundamentals
Clearance Required:Ability to maintain a Public Trust clearance
Company Overview
GovCIO is a team of transformers--people who are passionate about transforming government IT. Every day, we make a positive impact by delivering innovative IT services and solutions that improve how government agencies operate and serve our citizens.
But we can't do it alone. We need great people to help us do great things - for our customers, our culture, and our ability to attract other great people. We are changing the face of government IT and building a workforce that fuels this mission. Are you ready to be a transformer?
What You Can Expect
Interview & Hiring Process
If you are selected to move forward through the process, here's what you canexpect:
During the Interview Process
Virtual video interview conducted via video with the hiring manager and/or team
Camera must be on
A valid photo ID must be presented during each interview
During the Hiring Process
Enhanced Biometrics ID verification screening
Background check, to include:
Criminal history (past 7 years)
Verification of your highest level of education
Verification of your employment history (past 7 years), based on information provided in your application
Employee Perks
At GovCIO, we consistently hear that meaningful work and a collaborative team environment are two of the top reasons our employees enjoy working here. In addition, our employees have access to a range of perks and benefits to support their personal and professional well-being, beyond the standard company offered health benefits, including:
Employee Assistance Program (EAP)
Corporate Discounts
Learning & Development platform, to include certification preparation content
Training, Education and Certification Assistance*
Referral Bonus Program
Internal Mobility Program
Pet Insurance
Flexible Work Environment
*Available to full-time employees
Our employees' unique talents and contributions are the driving force behind our success in supporting our customers, which ultimately fuels the success of our company. Join us and be a part of a culture that invests in its people and prioritizes continuous enhancement of the employee experience.
We are an Equal Opportunity Employer.
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender, gender identity or expression, sexual orientation, national origin, disability, or status as a protected veteran. EOE, including disability/vets.
Posted Pay Range
The posted pay range, if referenced, reflects the range expected for this position at the commencement of employment, however, base pay offered may vary depending on multiple individualized factors, including market location, job-related knowledge, skills, education, experience, and internal equity. The total compensation package for this position may also include other compensation elements, to be discussed during the hiring process. If hired, employee will be in an "at-will position" and the GovCIO reserves the right to modify base salary (as well as any other discretionary payment or compensation program) at any time, including for reasons related to individual performance, GovCIO or individual department/team performance, and market factors.
Posted Salary Range
USD $108,310.00 - USD $140,000.00 /Yr.
Submit a referral to this job (https://careers-govcio.icims.com/jobs/6391/senior-cyber-intrusion-detection-analyst---2nd-shift/job?mode=apply&apply=yes&in_iframe=1&hashed=-1834385473)
Location
US-DC-Washington, D.C.
ID
2025-6391
Category
Cyber Security Services
Position Type
Full-Time