Senior SOC Analyst- Hybrid

ISI Defense is seeking an experienced Senior SOC Analyst to serve as a senior member of the Security Operations Center. This role is responsible for leading complex investigations, handling high-priority escalations, supporting proactive threat hunting, and improving day-to-day detection and response operations across internal and client environments. 

The Senior SOC Analyst is a senior hands-on analyst who helps strengthen operational maturity within the SOC by providing technical leadership during escalated incidents, improving detection quality, and mentoring junior analysts. This role supports security operations in regulated environments aligned with Defense Industrial Base requirements. 

• Investigate and respond to complex security alerts, suspicious activity, and escalated incidents across endpoints, identity, email, cloud, and network environments. 
• Initiate and coordinate containment, eradication, and recovery actions in accordance with established playbooks. 
• Make real-time containment and escalation decisions during active incidents. 
• Serve as the senior analyst for high-priority alerts and incidents, helping determine scope, impact, and recommended containment actions. 
• Perform proactive threat hunting using SIEM, EDR/XDR, threat intelligence, and behavioral indicators to identify suspicious or malicious activity. 
• Support detection tuning and continuous improvement of alert logic, correlation rules, and SOC workflows to reduce false positives and improve visibility. 
• Analyze and correlate security telemetry across enterprise tools to identify account misuse, suspicious behavior, and indicators of compromise. 
• Support monitoring and investigation in a Microsoft-centric environment, including endpoint, identity, email, and cloud-based security events. 
• Work within modern XDR workflows, including experience with CrowdStrike XDR and comparable detection and response platforms. 
• Document investigations clearly and maintain accurate case notes, escalation details, and incident records. 
• Provide technical guidance and mentorship to SOC Analyst I and II team members, including reviewing escalations and helping improve analyst consistency. 
• Support audit readiness and operational reporting through thorough documentation and adherence to established incident handling practices. 

• Must be a U.S. citizen 
• Active Secret clearance is preferred 
• Must be able to obtain and maintain a U.S. Government security clearance, as required for the role 
• Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or equivalent practical experience. 
• 5+ years of experience in a SOC, incident response, or cybersecurity operations role. 
• Strong experience with enterprise SIEM, EDR/XDR, identity, email security, and threat monitoring platforms in a production SOC environment. 
• Proven experience leading alert triage, incident analysis, escalation handling, and threat hunting for complex or high-priority security events. 
• Demonstrated experience independently leading security incidents from detection through containment and recovery. 
• Experience working in a Microsoft-centric security environment is strongly preferred, including monitoring and investigation across endpoint, identity, email, and cloud telemetry. 
• Hands-on experience with CrowdStrike XDR. 
• Strong understanding of attacker behavior, incident response processes, detection tuning, and security operations best practices. 
• Experience working in regulated environments is preferred, especially those aligned with NIST SP 800-171, CMMC, or FedRAMP. 
• One DoD 8570/8140-aligned baseline certification, such as CySA+, CEH, or CFR, or ability to obtain one within 6 months of hire. 
• Strong written communication skills, sound judgment during active incidents, and the ability to operate independently in a senior analyst capacity. 

What We Offer 

• The salary range for this role is $120,000-$140,000 commensurate with experience and qualifications.
• Hybrid work.
• A competitive salary and benefits package.
• A casual, friendly, and relaxed work environment.
• Professional growth encouragement and support.

Why Join ISI Defense? 

ISI Defense provides the opportunity to work in a mission-driven environment supporting critical cybersecurity operations for regulated and defense-aligned organizations. The Senior SOC Analyst will play a meaningful role in strengthening detection and response capabilities while helping mature a growing SOC function.