Security Analyst II- 2 days onsite Alexandria, VA

Security Analyst II

The Senior Security Analyst II plays a key role in designing, configuring, testing, and deploying both on-premises and cloud services. This role encompasses responsibilities in incident response, threat hunting, and proactive support for development activities across cloud and on-prem environments.

The company is located in Alexandria, VA and will be a hybrid model of 2 days onsite a week.

What You Will Be Doing:

• Detect anomalous activity and assess the potential impact of security events.
• Monitor information systems and assets to identify cybersecurity events and verify protective measures' effectiveness.
• Maintain and test detection processes to ensure awareness of unusual activities.
• Coordinate response efforts with internal and external stakeholders, including external service providers.
• Conduct thorough analysis to facilitate effective incident response and support recovery efforts.
• Perform activities to contain and mitigate the impact of security incidents and work towards resolution.
• Execute and maintain response processes to address detected cybersecurity incidents.
• Oversee and maintain recovery processes to restore systems affected by cybersecurity events.
• Continuously improve recovery planning by integrating lessons learned into future activities.
• Coordinate restoration efforts with internal teams and external entities, including response centers, CSIRTs, and vendors.
• Support overall cybersecurity initiatives and contribute to the organization's mission.

Required Skills & Experience:

• At least 3 years in a systems engineering or administration role.
• Minimum of 4 years as a security analyst.
• At least 5 years in cybersecurity roles.

• GIAC certifications (GCIH, GCIA, GMON, GCED) or similar defense-focused certifications are preferred.
• Other relevant certifications (e.g., EC-Council, ISC2, Cisco, Microsoft, Fortinet, CompTIA, Offensive Security) considered based on applicability to defensive cybersecurity operations.
• Bachelor's Degree in cybersecurity, IT, computer science, or related field, or equivalent experience.

• Technical leadership on cybersecurity projects and consultations.
• Experience leading a Cybersecurity Incident Response Team (CIRT), CSIRT, and working with MSSPs on daily incident response tasks.
• Proficiency in deploying, configuring, and maintaining cybersecurity technology stacks.
• Ability to communicate complex cybersecurity concepts to non-technical audiences.
• Strong commitment to promoting cybersecurity policies and standards organization-wide.
• Ability to foster collaborative relationships across teams to advance the organization's mission.

Desired Skills & Experience:

• Expert knowledge in technologies and concepts such as DFIR, IAM, PAM, DLP, NGFW, EDR, SIEM, IDS/IPS.
• Strong foundational understanding of IT and cybersecurity, including email security, application security, cloud security (IaaS & PaaS), MITRE ATT&CK, SIEM, SOAR, CASB, MSSPs, DNS, Linux, Windows.
• Basic knowledge of NIST, MDM, OWASP, scripting languages (PowerShell/Python/JavaScript), MacOS, malware analysis, LOLBAS, vulnerability management, WAF, CIS Benchmarks.

Applicants must be currently authorized to work in the United States on a full-time basis now and in the future.
This position doesn't provide sponsorship.