We are seeking a highly-capableSOC Tier 3 Analystto lead advanced threat detection and response operations in our Security Operations Center (SOC). This role involves acting as a key subject matter expert to identify, investigate, and mitigate sophisticated cyber threats and maintain enterprise security resilience.

TheSOC Tier 3 Analystwill work closely with internal teams, clients, and external threat intelligence partners to proactively secure systems, networks, and ensure data integrity while serving as an escalation point for Tier 1 and Tier 2 analysts.

Key Responsibilities:

• Serve as the senior analyst and escalation point for Tier 1 & Tier 2 in security incident handling.
• Perform advanced threat hunting and forensic investigations (network, endpoint, cloud).
• Lead incident response activities, including coordination, containment, eradication, and long-term remediation.
• Develop and refine SIEM detection rules and automation playbooks to improve SOC efficacy.
• Analyze and interpret logs, packet captures, and alerts to identify anomalous activities.
• Provide actionable threat intelligence to enhance defenses and support strategic decisions.
• Drive process improvement, mentoring, and training initiatives for the SOC team.
• Ensure compliance with client requirements, regulations, and relevant cybersecurity frameworks (e.g., NIST, CIS).
• Interface with stakeholders to provide threat landscape briefings, status reports, and post-incident reviews.
• Participate in red/blue teaming and tabletop exercises to validate SOC preparedness.

Required Qualifications:

• Education: Technical Training, Certification(s), or Degree required; bachelors degree in Cybersecurity, Information Technology, or a related field (or equivalent experience) strongly preferred
• Experience: At least 5 years of combined experience in cybersecurity incident handling, SOC operations, and threat intelligence analysis.
• US Citizenship required.
• Must possess or be able to obtain and maintain a Secret clearance
• Relevant industry certifications [e.g., CISSP, Security+, GIAC-GCIH, CEH, GCIA, GCFA, OSCP].
• Expertise with security technologies, includingSIEM systems(e.g., Splunk, QRadar, ArcSight), network monitoring tools, and endpoint detection solutions.
• Proficiency in scripting and automation using Python, PowerShell, or other languages.
• Hands-on experience performing forensic analysis on Windows, Linux, and cloud environments.
• Strong knowledge of security protocols, intrusion vectors, malware behavior, and remediation techniques.
• Exceptional problem-solving and communication skills with the ability to handle high-pressure situations.

Preferred Qualifications:

• Degree and/or advanced certifications in cybersecurity.
• Experience integrating threat intelligence in SIEM and SOC processes.
• Knowledge of MITRE ATT&CK framework and its application in SOC workflows.
• Familiarity with cloud security (e.g., AWS, Azure, Google Cloud).

Location: Hybrid at GDIT's Integrated Technology Center in Bossier City, Louisiana

GDIT IS YOUR PLACE
At GDIT, the mission is our purpose, and our people are at the center of everything we do.

Growth: AI-powered career tool that identifies career steps and learning opportunities
Support: An internal mobility team focused on helping you achieve your career goals
Rewards: Comprehensive benefits and wellness packages, 401K with company match, and competitive pay and paid time off
Flexibility: Full-flex work week to own your priorities at work and at home
Community: Award-winning culture of innovation and a military-friendly workplace

OWN YOUR OPPORTUNITY
Explore a career in cyber at GDIT and youll find endless opportunities to grow alongside colleagues who share your focus on defending and protecting what matters.