SOC Analyst

Job ID 2612939Location Arlington, VA, USDate Posted 2026-05-29Category CyberSubcategory Cybersecurity OpsSchedule Full-TimeShift Day JobTravel NoMinimum Clearance Required TS.SCIClearance Level Must Be Able to Obtain TS/SCIPotential for Remote Work ORA_ON_SITEDescriptionSAIC is seeking a SOC Analyst to join our team. The SOC Analyst must work at Arlington, VA.Role OverviewProactively monitor and detect security incidents through Security Information and Event Management (SIEM) systems, including analysis of logs, alerts, and packet captures.Provide Tier 1/Tier 2 support during cybersecurity incidents by conducting initial triage, containment, eradication, and recovery actions as required.Leverage cyber threat intelligence feeds to adapt detection and analysis techniques as well as provide recommendations and actively work to protect against known and emerging threats. Create detailed technical reports on findings and impacts from incidents, providing clear mitigation recommendations. Maintain and update runbooks, operational procedures, and investigation documentation to ensure institutional knowledge and efficiency. QualificationsEducation RequirementsBachelors degree and five (5) years’ experience; Four (4) years' experience can be considered in lieu of degree.Clearance RequirementsMust possess and maintain an active TS/SCI clearance; US Citizenship required.Required SkillsHands-on experience with SIEM platforms such as Splunk, QRadar, LogRhythm, or ArcSight. Proven ability to analyze logs, packet captures, and payloads for advanced threat analysis and forensic investigations.Knowledge of networking concepts and protocols (TCP/IP, UDP, DNS, HTTP, FTP, etc.), firewalls, intrusion detection/prevention systems (IDS/IPS), and endpoint detection and response (EDR) tools.Familiarity with operating systems (Windows/Linux) and cloud platforms (e.g., AWS, Azure, Google Cloud) from a cybersecurity perspective.Desired SkillsExpertise in developing automation scripts using Python, PowerShell, Bash, or other scripting languages to improve threat detection, incident response, and reporting workflows.