Cybersecurity SOC Analyst jobs in United States

General Dynamics Mission Systems · 11 hours ago

Cybersecurity SOC Analyst

General Dynamics Mission Systems (GDMS) is seeking a Cybersecurity SOC Analyst with expertise in Splunk Enterprise Security and a strong background in threat detection and incident response. This role is critical for monitoring, analyzing, and responding to security events across GDMS’s enterprise and cloud environments.

Industries: Aerospace, Business Information Systems, Information Services, Information Technology, National Security, Sensor
No H1B; U.S. Citizen Only

Responsibilities

Develop and optimize Splunk SPL queries, dashboards, and correlation searches within Splunk Enterprise Security (ES)
Maintain and enhance Splunk content for detection and reporting
Analyze logs from multiple sources, including Windows Event Logs, Linux system logs, CrowdStrike telemetry, firewall logs, and network traffic
Investigate alerts to identify potential security incidents and anomalous behavior
Conduct proactive threat hunting to detect advanced persistent threats (APTs), insider threats, and suspicious activity across enterprise networks
Incorporate findings into detection content and response playbooks
Monitor and analyze DLP alerts for data exfiltration, data tagging, and compliance violations
Collaborate with teams to remediate and prevent data leakage incidents
Execute IR processes including detection, analysis, containment, eradication, and recovery
Document and track incidents using SOC workflows and ticketing systems
Monitor and assess security controls in AWS and Azure environments
Identify and remediate cloud-specific threats and misconfigurations
Support email security operations, including anti-phishing, anti-spam, malware detection, and incident response for email-based attacks
Stay current with emerging threats, vulnerabilities, and security technologies
Develop automation workflows and scripts to enhance SOC efficiency

Qualification

Skills and certifications: Splunk Enterprise Security, Threat detection, Incident response, Cloud security, Splunk SPL, Log analysis, Threat hunting, DLP solutions, AWS security, Azure security, CISSP, Security+, CEH, Splunk Certified Power User, Splunk Enterprise Security Certified Admin, Communication skills

Required

Bachelor's degree in a related specialized area or equivalent is required plus a minimum of 2 years of relevant experience; or Master's degree plus a minimum of 0 years of relevant experience
U.S. citizenship is required
Advanced expertise in Splunk Enterprise Security (ES)
Strong background in threat detection, incident response, and cloud security
Hands-on experience with Splunk SPL, dashboard creation, and correlation searches
Proficiency in analyzing logs from diverse sources
Experience conducting threat hunts
Ability to improve detection capabilities
Collaboration with cross-functional teams to mitigate risks
Experience in monitoring, analyzing, and responding to security events
Strong proficiency in Splunk SPL, dashboard creation, and Splunk Enterprise Security (ES)
Experience analyzing logs from diverse sources (Windows, Linux, EDR, firewalls, network traffic)
Hands-on experience in threat hunting and detecting APTs and insider threats
Knowledge of DLP solutions and compliance monitoring
Solid background in incident response operations
Understanding of cloud security controls for AWS and Azure
Familiarity with email security solutions and phishing mitigation
Excellent communication skills for conveying technical findings and business risk

Preferred

CISSP
Security+
Splunk Certified Power User
Splunk Enterprise Security Certified Admin
CEH
AWS and Azure security certifications

Benefits

Flexible work environment
Competitive benefits

Company

General Dynamics Mission Systems

General Dynamics Mission Systems designs and delivers critical systems and products for defense and cybersecurity customers. It is a sub-organization of General Dynamics.

Funding

Current Stage
Late Stage

Leadership Team

Bo Elam, VP and CFO
Scott Butler, Senior Vice President Program Execution
Company data provided by crunchbase