Cybersecurity Analyst

The Tier 2 Cybersecurity Analyst role supports advanced threat detection and incident response within a Security Operations Center (SOC). This position serves as an escalation point for Tier 1 Analysts and is responsible for conducting deeper analysis and investigation of complex security events. Candidates should possess more than five years of experience in cybersecurity operations, with direct involvement in intrusion detection, incident response, and threat analysis.

Key Responsibilities:

• Investigate complex incidents escalated from Tier 1 Analysts.

• Perform deep-dive log analysis, packet inspection, and event correlation across multiple systems.

• Lead containment, eradication, and recovery efforts during security incidents.

• Conduct root cause analysis and document technical findings in detailed incident reports.

• Recommend improvements to detection and response capabilities based on threat activity and incident trends.

• Coordinate across technical teams and stakeholders to ensure accurate and timely incident response.

• Maintain awareness of evolving threats, vulnerabilities, and adversary tactics.

Required Qualifications:

• A minimum of five (5) years of experience in information systems security operations, including system monitoring, intrusion detection, threat analysis, and incident response.
• Active TS-SCI

• Experience with enterprise SIEM platforms, intrusion detection/prevention systems (IDS/IPS), and endpoint detection and response (EDR) tools.

• Demonstrated ability to analyze events and artifacts across Windows, Linux, and network infrastructure.

• Proficiency in interpreting indicators of compromise and leveraging frameworks such as MITRE ATT&CK and NIST.

• Strong verbal and written communication skills, including incident documentation and reporting.

• Ability to work independently and collaboratively in a high-tempo operational environment.

Desired Qualifications:

• Industry certifications such as CompTIA Security+, CySA +, CEH, GCIH, GCIA, or CISSP.

• Experience supporting Department of Defense (DoD) cybersecurity missions.

• Familiarity with scripting or automation (e.g., Python, PowerShell) to support investigative workflows.

• Experience with threat intelligence platforms and integration into SOC operations.

Familiarity with the following tools, software, and hardware is strongly preferred:

• Security Tools & Platforms: Suricata, Arkime , Zeek, Splunk, Trellix, ACAS

• Infrastructure Technologies: Proxmox , Elasticsearch, Kubernetes (K8s) or other microservice deployments

• Network and Security Hardware: Palo Alto firewalls, Gigamon Packet Broker, Gigamon A and M Series Taps, Dell PowerEdge Servers, Cisco routers, switches, and firewalls

Why Work for Us?

Core4ce is a team of innovators, self-starters, and critical thinkers-driven by a shared mission to strengthen national security and advance warfighting outcomes.

We offer:

• 401(k) with 100% company match on the first 6% deferred, with immediate vesting
• Comprehensive medical, dental, and vision coverage-employee portion paid 100% by Core4ce
• Unlimited access to training and certifications, with no pre-set cap on eligible professional development
• Tuition assistance for job-related degrees and courses
• Paid parental leave, PTO that grows with tenure, and generous holiday schedules
• Got a big idea? At Core4ce, The Forge gives every employee the chance to propose bold innovations and help bring them to life with internal backing.

Join us to build a career that matters-supported by a company that invests in you.

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex (including pregnancy), national origin, disability, veteran status, age, genetic information, or other legally protected status.