CSOC Lead Analyst

Job in Gladstone, Clackamas County, Oregon, 97027, USA
Listing for: Peraton
Full Time, Seasonal/Temporary position
Listed on 2026-01-13
Job specializations:
  • IT/Tech
    Cybersecurity
Salary/Wage Range or Industry Benchmark: 100,000 - 125,000 USD yearly
Job Description & How to Apply Below

Responsibilities

Position is Contingent Upon Award

Peraton seeks innovative professionals who thrive in mission-critical environments and are passionate about protecting our national critical infrastructure. This is your chance to make an impact on one of the nation’s vital organizations, working alongside leaders in cybersecurity engineering, operations, forensics, threat analysis, data science, and systems integration.

Join Peraton in supporting a large critical infrastructure operator to defend its corporate and operations networks from nation-state attacks, ensure the confidentiality, integrity, and availability of its systems and operations infrastructure, and comply with federal and industry cybersecurity regulations. As a lead analyst in a 24x7x365 Cybersecurity Operations Center (CSOC), the position provides leadership of CSOC shift staff to monitor the company’s networks and systems using Security Information and Event Management (SIEM), Endpoint Detection and Response (EDR) and Security Orchestration, Automation, and Response (SOAR) systems such as Splunk, CrowdStrike, Nessus Security Center, Axonius, Swimlane, Websense, NetFlow and other tools to identify and investigate anomalies and thwart cyberattacks.

Duties include analyzing security alerts, leading investigations, assessing threats, and implementing procedures to respond to incidents as a senior member of the company’s CSOC.

Primary Responsibilities
  • Lead a CSOC shift to monitor security reporting systems, dashboards and indicators of suspicious activity and unauthorized access for an extensive critical infrastructure covering 8 states
  • Validate SIEM/EDR/SOAR security alerts, open case management investigations and direct analyst staff investigations
  • Review open case management reports, progress investigations, assess potential risks and determine issue priority and escalation path
  • Review threat and vulnerability advisories issued by various government organizations
  • Conduct research to determine the applicability of advisories to the operator environment
  • Interact with internal Subject Matter Experts and functional groups to request information, discuss events, elevate issues and coordinate a response
  • Formulate mitigation recommendations and document investigations
  • Prepare shift reports and brief CSOC Manager, infrastructure stakeholders and corporate management on active investigations
  • Conduct open source research and stay abreast of the latest cyber threats and security tools
Additional Responsibilities
  • Perform network and systems analysis of intrusion alerts against the network infrastructure, including anomalous traffic, applications, operating systems, firewalls, proxy devices and malware detections, as well as security incidents or anomalies flagged by monitoring tools; triage them and elevate them as warranted
  • Perform in-depth security analysis of firewall alerts and review system logs for suspicious patterns; perform preliminary incident response, event analysis and threat intelligence
  • Investigate threats across multiple data systems and create incident review cases on notable events
  • Investigate flagged alerts, determine if they are real threats, and follow designated response and containment procedures
  • Confirm continuous data flows from system logs, PCAP captures, and intelligence feeds into the SIEM systems
  • Review flagged events that are detrimental to the company’s overall security posture; analyze and detect sophisticated and nuanced attacks, discern false positives and draft reports of results for management
  • Correlate network and system sensor events
  • Conduct advanced forensic investigation of logs and network protocol traffic and identify anomalies and potential threats
  • Provide near real-time and short-term correlation of data collected by the SIEM/EDR tools and investigate threats across data types over specific study time frames or systems
  • Provide strategic analysis and near real-time auditing, investigating, reporting, and coordinating tracking of security-related flagged incidents
  • Analyze intelligence feeds from systems, other analysts, and outside agencies, and integrate learnings into protection devices
  • Recommend changes to security assets such…