Akira Technologies · 1 month ago
SOC Cyber Defense Analyst - SME (Journeyman)
Akira Technologies is seeking a SOC Cyber Defense Analyst (SME / Journeyman) to support a government client in Norfolk, VA. This role provides hands-on cybersecurity monitoring, incident response, and forensic analysis across Operational Technology (OT), Industrial Control Systems (ICS), and enterprise network environments, including on-premises and cloud systems.
Responsibilities
Perform cyber defense monitoring and forensic analysis across host and network systems, including malware triage, log correlation, and timeline reconstruction
Investigate security incidents using MITRE ATT&CK and Cyber Kill Chain methodologies
Support containment, eradication, and recovery actions in accordance with established incident response procedures
Serve as a journeyman-level SME, providing technical guidance and mentoring to junior SOC analysts
Monitor, tune, and enhance SIEM platforms and their log-ingestion pipelines (e.g., Splunk Enterprise Security, Elastic SIEM, Cribl Stream) to improve detection coverage and threat visibility
Develop and maintain SIEM correlation rules, dashboards, and continuous monitoring content, including Splunk data models and accelerated (tstats-based) searches
Evaluate system and network configurations for vulnerabilities and recommend remediation aligned with DoD cybersecurity standards
Support STIG compliance activities and assist with Information Assurance Vulnerability Management (IAVM) actions
Utilize asset mapping and inventory tools to validate authorized devices and identify unauthorized or anomalous systems
Handle digital evidence in accordance with government forensic and chain-of-custody best practices
Produce concise technical and executive-level reports detailing findings, impacts, and mitigation recommendations
Collaborate with SOC leadership and government stakeholders to improve SOC workflows, threat hunting, and operational effectiveness
Qualifications
Required
Active Top Secret clearance (or higher)
5–7 years of experience in cybersecurity operations, SOC analysis, or incident response
Strong knowledge of Windows and Linux operating systems, network traffic analysis, and security monitoring
Experience working within DoD cybersecurity frameworks and compliance-driven environments
Hands-on experience with tools such as Splunk (Enterprise Security preferred), Palo Alto, Elastic SIEM, Cribl, Nessus, CrowdStrike, VMware, or similar technologies
Demonstrated ability to independently lead investigations and communicate findings to technical and non-technical audiences
Preferred
Experience supporting OT / ICS / SCADA environments
Advanced Splunk Enterprise Security content development experience
Familiarity with GreyNoise, Shodan, Modbus, PCAP analysis, or other industrial protocols
Relevant certifications such as GCIH, CEH, GCED, OSCP, CISSP, or equivalent
Benefits
Multiple options for medical plans (some with Health Savings Account)
Dental plans
Vision coverage
401(k) plan with employer match
Paid time off, including vacation and sick time
Holidays
Paid parental leave
Military leave
Bereavement leave
Jury duty leave
Short- and long-term disability benefits
Life insurance
Accidental death and dismemberment insurance
Critical illness insurance
Tuition, training, and certification reimbursement for professional development and career advancement