Posted May 28, 2026

CBO - Tier 3 SOC Analyst

cFocus Software seeks a Tier 3 SOC Analyst to join our program supporting the Congressional Budget Office (CBO). This position is remote. This position requires a Public Trust clearance.

Qualifications:
• Active Public Trust clearance
• B.S. in Computer Science, Information Technology, or a related field
• 5+ years of SOC Analyst experience
• Expert knowledge of incident response, threat hunting, and detection engineering
• Advanced experience with Microsoft Sentinel (SIEM) and Microsoft Defender tools
• Strong understanding of the MITRE ATT&CK framework and adversary tactics
• Experience with digital forensics and malware analysis techniques
• Ability to analyze logs across identity, endpoint, network, and cloud environments
• Strong knowledge of AWS logs (CloudTrail, VPC Flow Logs) and enterprise security tools
• Experience with KQL (Kusto Query Language) and advanced correlation analysis
• Deep understanding of NIST frameworks (SP 800-53, 800-61, 800-92) and Zero Trust principles
• Experience with SOAR platforms and automation (Logic Apps, Sentinel playbooks)
• Experience supporting federal environments and compliance (CUI, FTI, NIST, IRS Publication 1075)
• Experience leading incident response engagements and reporting to leadership

Preferred certifications include, but are not limited to:
• GCIA, GCIH, CISSP, CEH, or equivalent cybersecurity certifications
• Microsoft Sentinel or Microsoft security platform certifications
• Relevant cloud security certifications (e.g., AWS security)
• Privacy certifications (e.g., CIPP/US, CIPM) where applicable

Duties:
• Lead investigation and response for complex and high-severity security incidents
• Perform advanced threat hunting using the Microsoft Sentinel and Defender platforms
• Conduct digital forensics, malware analysis, and root cause analysis (RCA)
• Develop, tune, and optimize detection rules, analytics, and correlation logic
• Map detections and observed activity to the MITRE ATT&CK framework
• Oversee incident lifecycle management (detection through containment, eradication, and recovery)
• Support and improve SOC playbooks, automation workflows, and response procedures
• Provide mentorship and guidance to Tier I and Tier II analysts
• Identify security control gaps and recommend remediation strategies
• Support red team, purple team, and adversary emulation exercises
• Contribute to incident reports, quarterly threat reviews, and executive briefings