Job Description

Public Trust: BI Full 6C (T4)

Requisition Type: Regular

Your Impact

Own your opportunity to manage the network that makes mission success possible. Make an impact by using your skills to deliver “One GDIT Network” for our clients.

Job Description

We are seeking a Tier 2 Cybersecurity Analyst to join our dynamic Cyber Security Operations Center (CSOC) . The ideal candidate will be responsible for advanced threat detection, incident response, and security event analysis across the enterprise environment at the Department of Education . This role serves as the escalation point for Tier 1 analysts and plays a key role in containing threats, improving detection capabilities, and hardening defenses.

You will work closely with other cybersecurity, infrastructure, and threat intelligence teams to investigate complex incidents, refine detection rules, and enhance SOC processes to strengthen the organization's security posture.

Key Responsibilities

• Perform in-depth triage and analysis of alerts escalated from Tier 1, including endpoint, network, and cloud events.
• Investigate and respond to malware infections, phishing attempts, lateral movement, and data exfiltration indicators.
• Conduct root cause analysis and coordinate containment, eradication, and recovery efforts.
• Assist in tuning tools within our security stack and playbook automation to reduce false positives and improve efficiency.
• Maintain incident response documentation, procedures, and post-incident reports.
• Collaborate with Threat Intelligence and Tier 3 teams to refine detection content based on emerging threats.
• Assist in vulnerability management and remediation verification.
• Provide guidance and mentorship to Tier 1 analysts on investigations and best practices.
• Participate in on-call rotation.

Required Qualifications

Education:

Technical Training, Certification(s), or Degree

Experience:

1+ years of experience in a Security Operations Center or incident response role.

Certification: CompTia Security+ desired, but other relevant security certifications may be considered in lieu of Security+.

Skills:

• Strong knowledge of Splunk.
• Hands-on experience with Defender for Endpoint.
• Solid understanding of network protocols, system logs, and threat actor TTPs (MITRE ATT&CK framework).
• Proficiency in analyzing Windows, Linux, and cloud environments for indicators of compromise.
• Strong analytical, documentation, and communication skills.

Preferred Qualifications

• Experience with Microsoft Defender XDR, Palo Alto Firewall, & Tenable
• Familiarity with Palo Alto Cortex XSOAR.
• Exposure to threat hunting and proactive detection engineering.
• Bachelor’s degree in Cybersecurity, Computer Science, or related field (or equivalent work experience) nice to have.
• Additional experience in a Security Operations Center or incident response role nice to have.

US Citizenship Required

Location: Hybrid at GDIT's Integrated Technology Center in Bossier City, LA. Participation in an on-call rotation will be required.

What We Offer

• Competitive salary and performance-based bonuses.
• Comprehensive health, dental, and vision benefits.
• Paid time off, holidays, and flexible scheduling.
• Opportunities for training, certification reimbursement, and career advancement.
• A collaborative environment that values innovation, mentorship, and continuous learning.

Work Requirements

Years of Experience

1 + years of related experience

* may vary based on technical training, certification(s), or degree

Certification

CompTIA Security+ CE | CompTIA - CompTIA

Travel Required

Less than 10%

Citizenship

U.S. Citizenship Required

Job Tags

Similar Jobs