[Remote] Cyber Operations Analyst – SOC Threat Management (Night Shift)

Note: The job is a remote job and is open to candidates in USA. phia, LLC is a small business focused on Cyber Intelligence and Cyber Security. They are seeking a Cyber Operations Analyst to support 24x7 operations in a Federal agency Cyber Security Operations Center, focusing on advanced cyber threat monitoring, incident analysis, and leveraging AI/ML for SOC efficiency. Responsibilities • Support 24x7 monitoring, detection, and management of advanced cyber threats • Perform deep-dive incident analysis by correlating data from multiple sources to determine impact on critical systems or datasets • Execute operational processes in support of response efforts to identified security incidents • Analyze network traffic to identify exploit or intrusion attempts, and recommend, implement, and tune detection mechanisms • Provide subject matter expertise on network-based attacks, intrusion methodologies, and threat management • Escalate complex incidents for further investigation and collaborate with other Threat Management team members • Utilize AI/ML-based tools to detect anomalies, automate triage, and improve threat intelligence • Conduct threat intelligence analysis to assess risk and adapt defenses using ML-enhanced tools • Manage email security using ProofPoint and respond promptly to threats • Configure and optimize Splunk for log analysis, alerting, and incident investigation • Deploy and monitor SentinelOne agents, FirePower detection rules and configurations, and enforce robust security measures • Monitor and respond to alerts across platforms including Microsoft Defender XDR, Defender for Endpoint, Defender for Office 365, Azure Entra ID, and Google Cloud SCC • Tune security policies, maintain visibility into cloud and endpoint environments, and support continuous improvement of security posture • Identify and implement automation use cases leveraging AI/ML and SOAR capabilities • Stay current on cybersecurity trends, threat actors, and AI/ML advancements relevant to SOC operations Skills • Experienced in cyber/IT security with at least 3+ years in cybersecurity/SOC analysis and operations • Familiarity with Artificial Intelligence / Machine Learning (AI/ML) capabilities, and their application to cyber analysis and SOC operations • Skilled in network traffic analysis and threat detection methodologies • Strong understanding of Boolean logic, TCP/IP fundamentals, network-level exploits, and IDS/IPS technologies • Familiar with control frameworks, risk management techniques, and cloud security (AWS, Azure, GCP) • Hands-on experience with cybersecurity automation and SOAR platforms • Proficient in using ML frameworks for anomaly detection, threat intelligence, and behavioral analysis • Excellent communication, organizational, and interpersonal skills • BA/BS in Computer Science, IT, or related field (or equivalent experience) • 3+ years of direct experience in cybersecurity and SOC analysis & operations • U.S. Citizenship required • Ability to obtain Public Trust clearance • Experience with Splunk, ProofPoint, Cisco FirePower, SentinelOne, and Microsoft Defender suite • Expertise with IDS/IPS architectures, signature creation, and anomaly-based detection • Strong data analysis and feature engineering skills for ML-based security models • Direct experience with AI/ML applications in SOC environments, including automated threat detection and predictive analytics Benefits • Medical Insurance • Dental Insurance • Vision Insurance • Life Insurance • Short Term & Long Term Disability • 401k Retirement Savings Plan with Company Match • Paid Holidays • Paid Time Off (PTO) • Tuition and Professional Development Assistance Company Overview • phia LLC is a Northern Virginia based small business that was established in 2011. It was founded in 2011, and is headquartered in Fairfax, Virginia, USA, with a workforce of 11-50 employees. Its website is Apply tot his job