Job Family:IT Cyber Security
Travel Required:Up to 10%
Clearance Required:Ability to Obtain Public Trust
What You Will Do:- Monitor security alerts and events in the Security Operations Center (SOC) and perform initial triage, analysis, and escalation as needed.
- Investigate potential security incidents using SIEM, endpoint, network, and other security tools to determine scope, impact, and next steps.
- Document findings, actions taken, and incident details clearly and accurately in accordance with SOC procedures and reporting requirements.
- Escalate confirmed or high-risk incidents to senior analysts or incident response teams when appropriate.
- Support threat detection, alert tuning, and ongoing improvement of SOC monitoring processes and playbooks.
- Collaborate with internal teams to gather information, support investigations, and help protect enterprise systems and data.
- Stay current on common cyber threats, vulnerabilities, and attacker tactics, techniques, and procedures (TTPs).
What You Will Need:- Bachelors degree from an accredited university.
- Minimum of 6 overall years of work experience, 4+ years ideally of experience in cybersecurity, information technology, or a related technical support role.
- Strong understanding of security operations, incident response, and common cyber threats.
- Familiarity with SIEM tools, log analysis, and endpoint or network security concepts.
- Strong analytical and problem-solving skills with the ability to prioritize and respond to alerts in a fast-paced environment.
- Excellent written and verbal communication skills with attention to detail and documentation accuracy.
- Ability to work collaboratively with cross-functional teams and follow established procedures.
- High school diploma or equivalent required; associate's or bachelor's degree in Cybersecurity, Information Technology, Computer Science, or related field preferred.
- Have prior experience leading SOC shifts and mentoring jr. analysts
- Must be able to work full time and support SOC operations as needed.
- US Citizenship is required.
- Must be able to OBTAIN and MAINTAIN a "PUBLIC TRUST"; candidates must obtain approved adjudication of their PUBLIC TRUST prior to onboarding with Guidehouse. Candidates with an ACTIVE PUBLIC TRUST or SUITABILITY are preferred.
What Would Be Nice To Have:- Experience with tools such as Splunk, QRadar, Microsoft Sentinel, or similar SIEM platforms.
- Security certifications such as Security+, CySA+, GSEC, or equivalent.
- Exposure to incident response, threat hunting, vulnerability management, or malware analysis.
- Basic scripting or automation skills (Python, PowerShell, or similar).
- Knowledge of frameworks such as MITRE ATT&CK, NIST, or CIS controls.
The annual salary range for this position is $92,000.00-$153,000.00. Compensation decisions depend on a wide range of factors, including but not limited to skill sets, experience and training, security clearances, licensure and certifications, and other business and organizational needs.
What We Offer:Guidehouse offers a comprehensive, total rewards package that includes competitive compensation and a flexible benefits package that reflects our commitment to creating a diverse and supportive workplace.
Benefits include:
- Medical, Rx, Dental & Vision Insurance
- Personal and Family Sick Time & Company Paid Holidays
- Parental Leave
- 401(k) Retirement Plan
- Group Term Life and Travel Assistance
- Voluntary Life and AD&D Insurance
- Health Savings Account, Health Care & Dependent Care Flexible Spending Accounts
- Transit and Parking Commuter Benefits
- Short-Term & Long-Term Disability
- Tuition Reimbursement, Personal Development, Certifications & Learning Opportunities
- Employee Referral Program
- Corporate Sponsored Events & Community Outreach
- Care.com annual membership
- Employee Assistance Program
- Supplemental Benefits via Corestream (Critical Care, Hospital Indemnity, Accident Insurance, Legal Assistance and ID theft protection, etc.)
- Position may be eligible for a discretionary variable incentive bonus
