Today
Top Secret
IT - Security
Huntsville, AL (On/Off-Site)
TEKsystems is seeking experienced Incident Response Analysts and Watch Floor Analysts to lead and oversee advanced incident response and Watch Floor operations. These roles require deep expertise in detecting, analyzing, and responding to sophisticated cyber threats, with responsibilities that include mentoring junior staff and enhancing SOC processes.
Key Responsibilities:
• Advanced Threat Monitoring and Analysis: Lead threat monitoring activities to detect and analyze complex security incidents using SIEM tools, IDS/IPS, EDR, and other advanced security platforms.
• Incident Response and Coordination: Direct and manage incident response actions, from identification through containment, eradication, and recovery.
• Mentorship and Training: Provide guidance, training, and mentorship to junior and mid-level analysts, fostering a culture of continuous improvement and knowledge sharing within the team.
• Threat Intelligence Application: Leverage threat intelligence sources to inform proactive threat hunting and incident analysis, maintaining awareness of evolving threat landscapes.
• Documentation and Process Improvement: Ensure thorough documentation of incidents and contribute to the continuous improvement of SOC playbooks and response protocols.
• Watch Floor Operations Leadership: Oversee shift-based SOC operations, ensuring 24/7 coverage and adherence to established incident response procedures.
• Cross-Functional Collaboration: Work closely with SOC leadership, incident response teams, and threat intelligence analysts to strengthen the organization’s overall security posture.
Qualifications:
Educational Background: - Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field. Equivalent experience and certifications may be considered.
Technical Expertise: - Extensive experience with cybersecurity tools, including SIEM (e.g., Splunk, Sentinel), EDR, IDS/IPS, firewalls, and threat intelligence platforms; - Deep understanding of network protocols, attack vectors, and defense methodologies; - Advanced analytical skills for threat detection, incident response, and forensic investigation.
Certifications: - Highly preferred certifications include Certified Information Systems Security Professional (CISSP), GIAC Certified Incident Handler (GCIH), Certified Information Systems Security Manager (CISM), or Certified Ethical Hacker (CEH).
Experience Level: -Seeking all levels of experience, from Junior to Senior. Experience in cybersecurity with a focus on incident response, SOC operations, or watchfloor management; - Demonstrated experience in shift-based or watchfloor roles and in leading response efforts for complex security incidents.
Junior: 1 year relevant experience
Mid: 5 years relevant experience
Senior: 8+ years relevant experience
Leadership Skills: - Strong leadership and mentoring abilities, with experience in training and developing junior analysts; - Excellent communication skills and a collaborative mindset, able to effectively engage with both technical and non-technical teams.
Work Schedule: This position requires shift-based work as part of a 24/7 SOC team rotation, including nights, weekends, and holidays.
- Eligibility requirements apply to some benefits and may depend on your job classification and length of employment. Benefits are subject to change and may be subject to specific elections, plan, or program terms. If eligible, the benefits available for this temporary role may include the following:
- Medical, dental & vision
- Critical Illness, Accident, and Hospital
- 401(k) Retirement Plan – Pre-tax and Roth post-tax contributions available
- Life Insurance (Voluntary Life & AD&D for the employee and dependents)
- Short and long-term disability
- Health Spending Account (HSA)
- Transportation benefits
- Employee Assistance Program
- Time Off/Leave (PTO, Vacation or Sick Leave)
Key Responsibilities:
• Advanced Threat Monitoring and Analysis: Lead threat monitoring activities to detect and analyze complex security incidents using SIEM tools, IDS/IPS, EDR, and other advanced security platforms.
• Incident Response and Coordination: Direct and manage incident response actions, from identification through containment, eradication, and recovery.
• Mentorship and Training: Provide guidance, training, and mentorship to junior and mid-level analysts, fostering a culture of continuous improvement and knowledge sharing within the team.
• Threat Intelligence Application: Leverage threat intelligence sources to inform proactive threat hunting and incident analysis, maintaining awareness of evolving threat landscapes.
• Documentation and Process Improvement: Ensure thorough documentation of incidents and contribute to the continuous improvement of SOC playbooks and response protocols.
• Watch Floor Operations Leadership: Oversee shift-based SOC operations, ensuring 24/7 coverage and adherence to established incident response procedures.
• Cross-Functional Collaboration: Work closely with SOC leadership, incident response teams, and threat intelligence analysts to strengthen the organization’s overall security posture.
Qualifications:
Educational Background: - Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field. Equivalent experience and certifications may be considered.
Technical Expertise: - Extensive experience with cybersecurity tools, including SIEM (e.g., Splunk, Sentinel), EDR, IDS/IPS, firewalls, and threat intelligence platforms; - Deep understanding of network protocols, attack vectors, and defense methodologies; - Advanced analytical skills for threat detection, incident response, and forensic investigation.
Certifications: - Highly preferred certifications include Certified Information Systems Security Professional (CISSP), GIAC Certified Incident Handler (GCIH), Certified Information Systems Security Manager (CISM), or Certified Ethical Hacker (CEH).
Experience Level: -Seeking all levels of experience, from Junior to Senior. Experience in cybersecurity with a focus on incident response, SOC operations, or watchfloor management; - Demonstrated experience in shift-based or watchfloor roles and in leading response efforts for complex security incidents.
Junior: 1 year relevant experience
Mid: 5 years relevant experience
Senior: 8+ years relevant experience
Leadership Skills: - Strong leadership and mentoring abilities, with experience in training and developing junior analysts; - Excellent communication skills and a collaborative mindset, able to effectively engage with both technical and non-technical teams.
Work Schedule: This position requires shift-based work as part of a 24/7 SOC team rotation, including nights, weekends, and holidays.
- Eligibility requirements apply to some benefits and may depend on your job classification and length of employment. Benefits are subject to change and may be subject to specific elections, plan, or program terms. If eligible, the benefits available for this temporary role may include the following:
- Medical, dental & vision
- Critical Illness, Accident, and Hospital
- 401(k) Retirement Plan – Pre-tax and Roth post-tax contributions available
- Life Insurance (Voluntary Life & AD&D for the employee and dependents)
- Short and long-term disability
- Health Spending Account (HSA)
- Transportation benefits
- Employee Assistance Program
- Time Off/Leave (PTO, Vacation or Sick Leave)
group id: 10105424
Accelerating IT transformation in the public sector
