Cyber Defense - Senior SOC Analyst (US Federal)
About the position
This role will support one or more direct or indirect contracts with the U.S. Federal Government which, due to federal government security requirements, mandates that all Workday personnel working on the contracts be United States citizens (naturalized or native). The SOC Senior Analyst serves as a senior technical expert responsible for handling the most complex security incidents. You will lead deep-dive investigations, coordinate containment and remediation strategies, and support post-incident analysis. You will work closely with Detection Engineering, Threat Intelligence, and Red/Purple Teams to improve detection coverage and operational effectiveness. This role also contributes to advanced threat hunting, detection development, and SOC capability enhancements. Senior analysts frequently serve as key personnel during major events and provide technical briefings to leadership.
Responsibilities
• Handling the most complex security incidents
• Lead deep-dive investigations
• Coordinate containment and remediation strategies
• Support post-incident analysis
• Work closely with Detection Engineering, Threat Intelligence, and Red/Purple Teams to improve detection coverage and operational effectiveness
• Contribute to advanced threat hunting, detection development, and SOC capability enhancements
• Serve as key personnel during major events and provide technical briefings to leadership
Requirements
• 8+ years of experience in cybersecurity operations, threat detection, or incident response
• Advanced experience with Splunk, including correlation searches and data model usage
• Deep knowledge of network, endpoint, and cloud attack techniques
• Experience leading complex incident investigations
• Bachelor’s degree in Cybersecurity, Engineering, or equivalent experience
• Applicants must have the ability to obtain and maintain a U.S. government issued security clearance
• This role may require a security clearance at the TS/SCI w/CI Poly level
• All Workday personnel working on the contracts be United States citizens (naturalized or native)
Nice-to-haves
• An active TS/SCI w/CI Poly is preferred
• Strong understanding of advanced persistent threat methodologies
• Experience developing detection logic and analytics
• Experience leveraging SOAR automation platforms
• Ability to serve as technical lead during major incidents
• Experience working in classified or air-gapped environments preferred
• Excellent executive-level communication skills
• Relevant advanced certifications such as CISSP, GCIA, GCED, GCIH, or equivalent
Apply tot his job
Apply To this Job
This role will support one or more direct or indirect contracts with the U.S. Federal Government which, due to federal government security requirements, mandates that all Workday personnel working on the contracts be United States citizens (naturalized or native). The SOC Senior Analyst serves as a senior technical expert responsible for handling the most complex security incidents. You will lead deep-dive investigations, coordinate containment and remediation strategies, and support post-incident analysis. You will work closely with Detection Engineering, Threat Intelligence, and Red/Purple Teams to improve detection coverage and operational effectiveness. This role also contributes to advanced threat hunting, detection development, and SOC capability enhancements. Senior analysts frequently serve as key personnel during major events and provide technical briefings to leadership.
Responsibilities
• Handling the most complex security incidents
• Lead deep-dive investigations
• Coordinate containment and remediation strategies
• Support post-incident analysis
• Work closely with Detection Engineering, Threat Intelligence, and Red/Purple Teams to improve detection coverage and operational effectiveness
• Contribute to advanced threat hunting, detection development, and SOC capability enhancements
• Serve as key personnel during major events and provide technical briefings to leadership
Requirements
• 8+ years of experience in cybersecurity operations, threat detection, or incident response
• Advanced experience with Splunk, including correlation searches and data model usage
• Deep knowledge of network, endpoint, and cloud attack techniques
• Experience leading complex incident investigations
• Bachelor’s degree in Cybersecurity, Engineering, or equivalent experience
• Applicants must have the ability to obtain and maintain a U.S. government issued security clearance
• This role may require a security clearance at the TS/SCI w/CI Poly level
• All Workday personnel working on the contracts be United States citizens (naturalized or native)
Nice-to-haves
• An active TS/SCI w/CI Poly is preferred
• Strong understanding of advanced persistent threat methodologies
• Experience developing detection logic and analytics
• Experience leveraging SOAR automation platforms
• Ability to serve as technical lead during major incidents
• Experience working in classified or air-gapped environments preferred
• Excellent executive-level communication skills
• Relevant advanced certifications such as CISSP, GCIA, GCED, GCIH, or equivalent
Apply tot his job
Apply To this Job