Senior SOC Analyst - (Active TS/SCI Clearance Required)

Rapid Strategy is a premier cybersecurity and IT consulting firm providing mission-critical support to federal, defense, and commercial clients. Our teams deliver advanced cybersecurity operations, IT modernization, and cloud security solutions that strengthen national defense and operational resilience.

We are seeking a Senior SOC Analyst to join our Security Operations Center (SOC) team in Washington, D.C. This position is 100% onsite and requires an active TS/SCI clearance.

The Senior SOC Analyst plays a pivotal role in defending mission-critical systems and networks against evolving cyber threats. The ideal candidate will have deep experience in threat detection, analysis, and incident response within a secure, enterprise-level environment.

As a senior member of the SOC, you’ll lead real-time monitoring, threat triage, correlation, and mitigation across multiple tools and data sources — ensuring rapid containment and continuous improvement of the organization’s security posture. You will also provide technical mentorship to junior analysts and collaborate closely with engineering, network, and system teams to support enterprise defense operations.

• Perform real-time monitoring, analysis, and triage of security events and alerts within SIEM and other detection platforms.

• Identify, analyze, and respond to cybersecurity incidents, escalating as appropriate to Incident Response (IR) teams.

• Correlate events across logs, systems, and threat intelligence sources to identify patterns of malicious activity.

• Lead threat hunting activities to proactively detect and contain advanced persistent threats (APTs).

• Conduct in-depth forensic analysis of compromised systems and network traffic.

• Tune and optimize SOC tools such as SIEM, EDR, SOAR, and threat intelligence platforms for improved detection accuracy.

• Work closely with Network and Systems teams to remediate vulnerabilities and harden configurations.

• Document incidents, develop after-action reports, and recommend control enhancements.

• Support compliance and reporting requirements under frameworks like NIST SP 800-53, RMF, and Zero Trust directives.

• Provide mentorship and guidance to junior SOC Analysts, ensuring effective knowledge transfer and operational readiness.

• Active TS/SCI clearance (mandatory)

• Bachelor’s degree in Cybersecurity, Information Technology, or a related field (or equivalent experience).

• 5+ years of experience in a Security Operations Center or Cyber Defense environment.

• Strong experience with one or more of the following tools:

  • SIEM platforms (Splunk, Elastic, ArcSight, QRadar, Sentinel, or LogRhythm)

  • Endpoint Detection & Response (EDR) tools (CrowdStrike, SentinelOne, Carbon Black, Tanium)

  • Vulnerability scanning tools (ACAS, Tenable, Nessus)

  • Threat intelligence and correlation tools

• Proficiency with Windows, Linux, and cloud log analysis (AWS CloudTrail, Azure Monitor).

• Familiarity with MITRE ATT&CK, Cyber Kill Chain, and incident response lifecycle.

• Excellent analytical, communication, and documentation skills.

• Certifications such as Security+, CEH, GCIA, GCIH, CISSP, or CompTIA CySA+.

• Experience supporting DoD or Intelligence Community SOCs.

• Knowledge of network protocols, packet analysis, and threat intelligence integration.

• Experience with SOAR automation playbooks or scripting (Python, PowerShell) to streamline detection workflows.

• Understanding of Zero Trust Architecture and cloud-native security tools.