SOSi

Senior Cyber Defense Analyst

SOSi  •  Hawaii (Onsite)  •  6 days ago
Apply
AI can make mistakes so check important info. Chat history is never stored.

Job Description

Founded in 1989, SOSi is among the largest private, founder-owned technology and services integrators in the defense and government services industry. We deliver tailored solutions, tested leadership, and trusted results to enable national security missions worldwide.

Senior Cyber Defense Analyst – NIGHT Shift Lead

Step into a high-impact cyber defense leadership role at the forefront of mission operations. As a Night Shift Senior Cyber Defense Analyst Lead within SOSi’s INDOPACOM Network Security Operations Center, you’ll drive real-time threat defense across multi-enclave coalition environments powered by cutting-edge DaaS private cloud technology.

This role blends advanced cyber operations with modern AI-assisted detection—leading analysts through threat hunting, incident response, and rapid decision-making to protect critical warfighter networks. You’ll be the connective force between detection engineering, cyber innovation teams, and mission partners, ensuring precision, speed, and mission assurance in a dynamic, 24/7 operational environment.

Lead the shift. Validate the signal. Defend the mission.

Essential Job Duties

  • Serve as the senior analyst and shift lead for assigned operations, providing direction on monitoring priorities, triage, threat hunting, and incident investigation activities.
  • Coordinate shift-level cyber defense response activities during alerts, incidents, outages, and mission-impacting events, escalating to the Incident Response Lead, DCO Lead, or INSOC leadership as required.
  • Validate, adjudicate, and prioritize escalated detections from AI-assisted SOC tools, SIEM, EDR, SOAR, and enterprise monitoring platforms.
  • Lead initial incident triage and support containment, remediation, evidence preservation, reporting, and handoff activities across shift transitions.
  • Mentor junior and mid-level analysts in detection analysis, threat hunting, incident response procedures, documentation standards, and operational best practices.
  • Serve as the shift-level liaison between analysts, DCAI engineers, detection engineering, NetOps, SysOps, and mission partners to refine detections, SOAR playbooks, AI-assisted workflows, and response procedures.
  • Conduct threat hunting based on adversary tactics, techniques, and procedures (TTPs), threat intelligence, anomaly detection, and mission-specific risk indicators.
  • Ensure incidents, investigations, shift notes, case updates, and lessons learned are documented accurately in accordance with SOPs, CSSP reporting requirements, and escalation timelines.
  • Support red/blue team events, tabletop exercises, operational drills, and after-action reviews to validate analyst readiness and improve shift procedures.
  • Provide clear verbal and written shift updates, incident summaries, and operational reporting to leadership, Government stakeholders, and external mission partners as required.
  • Maintain awareness of enterprise cyber, network, system, and mission environments to support timely detection, correlation, and mission-impact assessment.
  • Support compliance with RMF, CSSP, DoD 8140, SOPs, and accreditation requirements for AI-augmented cyber defense and incident response processes.

Qualifications

Minimum Requirements

  • Active in-scope Top Secret/SCI clearance.
  • DoD 8140 / 8570 IAT Level II certification required within 180 days of hire, such as Security+ CE, CySA+, GSEC, CCNA Security, or equivalent.
  • Minimum 5+ years of SOC, CSSP, Defensive Cyberspace Operations, or cyber defense experience with demonstrated incident response and threat hunting expertise.
  • Experience serving as a senior analyst, shift lead, incident lead, or escalation point within a SOC or enterprise cyber defense environment.
  • Strong understanding of adversary TTPs, MITRE ATT&CK, malware analysis fundamentals, cyber kill chain concepts, and advanced detection and response techniques.
  • Hands-on experience with SIEM, EDR, SOAR, packet capture and analysis tools, and enterprise monitoring platforms, such as Splunk, Elastic, Defender, Wireshark, Zeek, ServiceNow, or similar tools.
  • Ability to coordinate cross-functional response efforts across analysts, engineers, operations teams, Government stakeholders, and mission partners during cyber incidents and operational events.
  • Strong written and verbal communication skills, including the ability to brief technical findings, incident status, operational risk, and recommended actions to technical and non-technical audiences.
  • Must be flexible to support 24/7/365 operations, including rotating shifts, nights, weekends, holidays, on-call support, and surge coverage during major incidents or exercises.

Preferred Qualifications

  • Advanced certifications such as GCIA, GCIH, GDAT, GCTI, CISSP, CASP+, or equivalent.
  • Experience supporting DISA, CSSP, TNCC, INDOPACOM, coalition, or military cyber defense environments.
  • Prior Tier 2/Tier 3 SOC analyst, shift lead, incident commander, battle captain, or major incident coordination experience.
  • Experience working with AI/ML-assisted SOC platforms, automation pipelines, SOAR workflows, and operational analytics platforms.
  • Experience building, maturing, or refining SOC workflows, CONOPS, SOPs, escalation procedures, dashboards, and reporting products.
  • Experience with Mavin, Power BI, JIRA, ServiceNow, Elastic, Splunk, Microsoft Defender, Zeek, Wireshark, or similar enterprise platforms.

Additional Information

Work Environment

  • NIGHT Shift-based schedule 2200 till 0600 hours as a senior analyst role supporting 24/7/365 mission operations; flexibility is required for rotating shifts, weekends, holidays, after-hours escalations, exercises, and surge support.
  • Fast-paced, mission-critical cyber defense operations supporting classified mission activities and enterprise-level operational response.
  • May require participation in operational meetings, briefings, shift turnovers, tabletop exercises, and after-action reviews.

Working at SOSi

All interested individuals will receive consideration and will not be discriminated against for any reason.

SOSi

About SOSi

SOSi solves the challenges of the modern mission. A leader in delivering transformational and trusted technology and mission solutions, SOSi supports clients across the aerospace, defense, and government services industry.

Where others see the size of the challenge, we succeed at delivering solutions! #ChallengeAccepted

--

Fraud Alert:

Recruitment fraud is a growing trend where fraudsters impersonate SOSi and its employees to deceive job seekers with fake employment opportunities. These scams typically involve fake job postings, unauthorized email accounts, or forged documents claiming to be from SOSi. The intent is to gain access to your personal information, including banking details, credit card numbers, or social security numbers.

Please be aware that all legitimate SOSi communications come from official @sosi.com or @sosi.us email addresses, and we never request personal information during initial contact. Our official careers site can be found at sosi.com/careers and our corporate site at sosi.com.

If you receive a suspicious job offer claiming to be from SOSi, contact us directly at careers@sosi.com to verify its legitimacy.

Industry
Aviation & Aerospace
Company Size
1,001-5,000 employees
Headquarters
Reston, Virginia
Year Founded
1989
Website
sosi.com
Social Media