Zachary Piper Solutions is seeking an SOC Analyst to join an IRS contract located in the DMV through hybrid presence. Join a tierless SOC, where you’ll own full-cycle incident response and threat hunting across one of the largest federal environments gaining hands-on experience with cutting-edge tools and high-impact cyber threat.

Responsibilities of the SOC Analyst include:

• Own full-cycle incident response - from detection to investigation, containment, and remediation - within a tierless SOC environment
• Proactively hunt for threats across enterprise systems, identifying suspicious behavior and advanced persistent threats
• Analyze security data including event logs, PCAP files, and network traffic to uncover potential intrusions
• Develop and run SPL queries in Splunk to investigate anomalies and support threat detection
• Utilize tools like Wireshark and Snort for deep packet inspection and intrusion analysis
• Document findings and collaborate with stakeholders to improve threat posture and ensure effective incident resolution

Qualifications of the SOC Analyst include:

• 2+ years of experience in a SOC or cybersecurity incident response environment
• Proven ability to manage full-lifecycle incidents independently, including detection, investigation, and remediation
• Strong hands-on experience with Splunk and Splunk SPL
• Expertise in packet capture analysis using tools like Wireshark
• Familiarity in IDS, such as Snort, Windows Defender or similar platforms
• US Citizenship required & ability to obtain or currently hold a Public Trust clearance (Secret + is preferred)
• Must live within a commutable distance to Lanham, MD for any infrequent on-site requirements

Compensation for the SOC Analyst includes:

• Salary Range: $90,000-100,000 depending on experience
• Benefits: Medical, Dental, Vision, 401k Plan, Holidays, PTO, sick leave as required by law

Keywords: SOC, security operations center, monitor, detect, analyze, respond, security, protect, digital infrastructure, malware, data breach, unauthorized access, cybersecurity, cyber, incident response, incident response analyst, threat hunter, tier, tierless, incident lifecycle, full-cycle, threat hunting, threat hunt, cyber threat, detection, investigation, remediation, splunk, spl, splunk spl, search processing language, packet capture, packet capture analysis, pcap, wireshark, tcpdump, tshark, networkminer, colasoft, capsa, solarwinds deep packet inspection, netwitness, ids, ips, intrusion detection system, intrusion prevention system, snort, suricata, zeek, bro, ossec, security onion, onion, cisco firepower, alienvault, ossim, alien vault, siem, ids/ips, traffic, traffic analysis, hids, us citizen, citizenship, public trust, clearance, secret, top secret, windows defender, defender, antivirus, microsoft defender antivirus, virus, ransomware, emerging threat, firewall, network protection, smartscreen, malicious, anti-malware, antimalware, endpoint protection, IRS, internal revenue service, tax, department of the treasury, DOT, csirc, computer security incident response capability, csirt, computer security incident response team, IRS network, incident response analyst, cyber threat hunter, tierless SOC, escalate, point of escalation, query, queries, logs, traffic, quarantine system, lanham, maryland, remote, hybrid

• Own full-cycle incident response - from detection to investigation, containment, and remediation - within a tierless SOC environment
• Proactively hunt for threats across enterprise systems, identifying suspicious behavior and advanced persistent threats
• Analyze security data including event logs, PCAP files, and network traffic to uncover potential intrusions
• Develop and run SPL queries in Splunk to investigate anomalies and support threat detection
• Utilize tools like Wireshark and Snort for deep packet inspection and intrusion analysis
• Document findings and collaborate with stakeholders to improve threat posture and ensure effective incident resolutio