SOC Process Analyst

Are you interested in defining the future of cyber security processes and operations at a Cabinet-level Department?

Have operational experience within Security Operations Centers and are looking for more responsibility? Looking to use your expertise to guide changes and improvements?

Do you have an active Secret clearance?

Then we’ve got the role for you!

Come be a part of the team supporting a Cabinet-level Department’s cyber strategy within the Office of the Chief Information Officer (OCIO). We are an established consulting firm with a newly awarded $100M prime contract – so there is plenty of (stable!) growth opportunity for you.

We’re a highly functional team of independent-minded, entrepreneurial consultants who have built our reputation as a trusted information technology (IT) partner. We’re looking for people who have a growth mindset and who are ready to bring new ideas and thinking to our clients’ objectives. Still you? Read on…
Join a boutique consulting firm supporting a large-scale Cabinet-level Department contract where you will be a key resource helping to define the future strategic approach of the Department’s Security Operations Center (SOC). Your role is critical in understanding the business requirements, underlying problems the SOC is trying to solve, and the 3 – 5-year strategic roadmap. You will leverage your cyber security skills to support SOC operations and make recommendations for improvements. You will help evolve cyber operations and threat monitoring, detection, and response.

This position will require on-site work in Washington, D.C. and Vienna, VA, with telework options available.

Primary responsibilities include but are not limited to:

  • Review processes for monitoring, analyzing, detecting, and responding to cyber events and incidents within information systems and networks
  • Leverage cyber security solutions for intrusion detection and prevention, situational awareness of network intrusions, security events, data spillage, and incident response actions
  • Support network threat analysis, correlation, and response capabilities
  • Work with the operations team to understand, mitigate, and respond to threats quickly, restoring operations and limiting the impact
  • Analyze incidents to determine how many systems are affected and assist recovery efforts
  • Combine threat intelligence, event data, and assessments from recent events, and identify patterns to understand attackers’ goals
  • Analyze the current architecture to identify weaknesses and opportunities for improvement
  • Perform evaluations of cyber security tools and applications to identify opportunities for improvement
  • Keep abreast of emerging cyber technologies and evaluate vendor offerings to determine best fit for SOC needs
  • Develop reports as necessary to brief various stakeholders (e.g., customers, OCIO executives)
  • Liaise with clients to keep them informed of progress and to make relevant decisions

Required Qualifications

  • Experience working in a Computer Incident Response Team (CIRT), Computer Security Incident Response Center (CSIRC), or SOC
  • Knowledge of computer networking, operating systems, and multiple security technologies, including IDS, firewalls, and Splunk
  • Ability to detect, correlate, and escalate cyber security events and provide in-depth analysis and use case management for Security Information and Event Management (SIEM)
  • Ability to build collaborative working relationships with various internal and external stakeholders
  • Strong analytical ability and data-driven mindset
  • Ability to baseline processes and develop new ones to evolve SOC operations
  • Ability to rapidly acquire new knowledge and skills in cyber security
  • Ability to work in complex situations with varying degrees of ambiguity and change
  • Ability to communicate complex and technical issues to diverse audiences, orally and in writing, in an easily understood, authoritative, and actionable manner
  • Secret security clearance with ability to obtain a higher-level clearance

Additional/Preferred Qualifications

  • Deep understanding of network, data, identity, and cyber services, and how they integrate
  • Knowledge of cyber products and services offered by hyper-scale cloud service providers (e.g., Amazon Web Services, Microsoft Azure, Google Cloud Platform)
  • Direct or indirect Federal Government experience
  • Bachelor’s Degree in business, engineering, mathematics, management information systems, or field of study related to IT or cyber security
  • CompTIA Net+, CompTIA A+, CompTIA Security+, GIAC Certified Incident Handler (GCIH), or EC-Council Certified Incident Handler (ECIH) Certification
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, age, marital status, personal appearance, sexual orientation, gender identity or expression, family responsibilities, matriculation, political affiliation, genetic information, disability, or past or present military service.

We offer an attractive compensation and benefits package, opportunities for professional growth, and a positive work environment. Candidate must be a U.S. citizen and possess or be able to successfully obtain a Federal security clearance. Hill Associates is an Equal Opportunity Employer and strongly supports diversity in the workplace. Please note that due to the expected volume of responses, only candidates being considered for an initial interview will be contacted.

Our company uses E-Verify to confirm the employment eligibility of all newly hired employees. To learn more about E-Verify, including your rights and responsibilities as an applicant, please visit

Application can be made electronically via our website ( or by submitting a paper resume to Hill Associates Attention: HR 1 Research Ct Suite 450 Rockville MD 20850