Security Operations Center (SOC) Analyst, Journeyman

We are seeking a highly skilled and innovative Security Operations Center (SOC) Analyst, Journeyman to join our team in the greater DMV area, supporting the Army National Guard.

Responsibilities

Perform advanced analysis of security events escalated from Tier 1: correlate SIEM logs, IDS/IPS alerts, EDR/endpoint telemetry, network flows, and threatintelligence feeds to identify true incidents.
• Investigate suspected compromises, conduct risk assessments for access requests, and develop initial countermeasure recommendations in coordination with SOC, CIRT, and RCCARNG.
• Author, tune, and refine detection content (SIEM rules, IDS/IPS signatures, filters) to improve fidelity and reduce alert noise.
• Execute deeper forensic/log analysis, reconstruct timelines, and validate detections to support escalation and remediation workflows.
• Document investigation steps, produce incident summaries and technical inputs for SOC reports, and maintain case evidence and tickets.
• Coordinate with engineering and sensor owners on tuning, deployment of detection logic, WCF/FPA policy adjustments, and monitoring enhancements.
• Contribute to SOC playbook updates, detection engineering backlog, and continuous improvement initiatives to enhance detection and response capabilities.

#ENOCS

Qualifications

• 5 years with BS/BA; 3 years with MS/MA; 0 years with PhD

• Clearance: Active TS/SCI clearance.

• Candidate must meet ONE of the following:

  • Bachelor's degree in Computer Science, Cybersecurity, Data Science, Information Systems, Information Technology, or Software Engineering; OR
  • Relevant DoD/military training (examples: 4C255S (CP); M03385G; M10395B; M223854; A5310451; A5314421; A5311900; Cyber Defense Analyst (Intermediate) Playlist; DISA (511) Training); OR
  • Relevant professional certification or equivalent experience (examples: CEH(P); GMON; GRID; Cloud+; FITSPO; GCED; GDSA; GSEC; PenTest+; Security+).

• Required experience and skills:

  • SOC, incident response, or detection engineering experience with demonstrated Tier2 analysis responsibilities.
  • Proficiency with SIEM query languages and alert investigation workflows, EDR triage, IDS/IPS signature logic, and log forensics.
  • Experience authoring and tuning detection rules/signatures, validating IOCs, and documenting reproducible investigation artifacts.
  • Strong analytical writing for incident summaries, technical briefs, and escalation packages; ability to coordinate crossteam remediation actions.

• Desired:

  • Prior DoD/ARNG SOC or detection engineering experience and familiarity with CDAP/CHAP operational contexts.
  • Experience with threathunting techniques, detection metrics (precision/recall), SOAR integrations, and mentoring junior analysts.

#ENOCS

Peraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world's leading mission capability integrator and transformative enterprise IT provider, we deliver trusted, highly differentiated solutions and technologies to protect our nation and allies. Peraton operates at the critical nexus between traditional and nontraditional threats across all domains: land, sea, space, air, and cyberspace. The company serves as a valued partner to essential government agencies and supports every branch of the U.S. armed forces. Each day, our employees do the can't be done by solving the most daunting challenges facing our customers. Visit peraton.com to learn how we're keeping people around the world safe and secure.