Job: Security Analyst

Location: Remote

Continuously review and correlate security event data across SIEM, EDR, IDS/IPS, and

threat intelligence sources to identify complex attack patterns, emerging threats, and

security incidents.

Perform deep-dive analysis of suspicious activity, validate incidents, determine root

cause and impact, and escalate critical incidents with detailed context to Tier 3 as

required.

Create detailed incident reports, timelines, and post-incident summaries; contribute

to lessons-learned documentation and recommendations for remediation and

preventative measures.

violations; advise users and internal/external teams on containment and recovery

actions.

INVESTIGATIONS, fine-tune detection rules. Alert thresholds, and correlation logic to

reduce false positives and improve threat coverage.

configured and tuned. Integrate new threat intelligence feeds into workflows and

proactively hunt for threats using up-to date tactics, techniques, and procedures

(TTPs)

Serve as a customer-facing SME, selling the value of DIS services by demonstrating

capabilities and resolving issues.

Document processes, runbooks, and troubleshooting steps related to SOC operations.
Coordinate with engineering, SOC, and agency staff as needed to meet goals.
Other duties as needed.

Required Skills (rank in order of

Importance):

Preferred Skills (rank in order of

Importance):

Experience with the Palo Alto Cortex XSIAM/XDR platform.
Knowledge of Linux, network administration and network design.
Experience in administration of firewalls, VPN technology, Active Directory, Intrusion

Detection/Prevention systems

Security Analyst

Key skills