Tier 2 SOC Analyst

Description Dragonfli Group is a cybersecurity and IT consulting firm based out of Washington, DC. We provide strategic services to both federal agencies and large commercial enterprises. Our consultants support a diverse array of project environments, including fully remote, hybrid, and on-site roles, with contract durations ranging from a few months to several years. The Tier 2 SOC Analyst will support a cybersecurity operations mission for a large federal agency (i.e., USPS). In this critical role, you’ll serve as a frontline defender—correlating complex data sources, investigating incidents, and mitigating evolving threats that target enterprise networks and sensitive assets. You’ll act as a subject matter expert on intrusion methodologies, network-based attacks, and threat detection across hybrid and cloud environments. Analysts in this role are expected to conduct deep-dive incident investigations, advise on remediation strategies, and take ownership of technical execution for key defense operations. This position demands precision, urgency, and technical depth. You will be responsible for the following: •Identifying cybersecurity risks and recommending proactive controls •Analyzing network traffic to detect exploits, lateral movement, and intrusions •Advising on detection mechanisms for exploit attempts •Investigating security alerts using SIEM platforms like Splunk and tuning detection rules •Managing email threat vectors via ProofPoint and responding to phishing or spoofing attacks •Deploying and monitoring SentinelOne agents for endpoint defense •Configuring Cisco FirePower for network visibility and enforcing protections •Monitoring signals from Microsoft Defender for Cloud Apps, Endpoint, XDR, and Office 365 •Conducting investigations within Azure Entra ID and Google Cloud SCC •Coordinating incident response workflows and following defined SOPs and playbooks •Escalating advanced threats to the broader Threat Management team when needed •Continuously improving security posture through tuning, analysis, and threat intel feedback loops This is a high-impact, fully remote position. Candidates must reside within the continental United States and hold U.S. citizenship or lawful permanent residency. A minimum of 4 years’ hands-on experience in a SOC, IR, or cyber defense role is required. Requirements Must-Have: 4+ years of hands-on experience in a Security Operations Center (SOC), incident response, or cyber threat detection role Proven ability to analyze network traffic for exploits, intrusions, and abnormal behavior Demonstrated expertise using SIEM tools , especially Splunk , for log analysis, correlation, and alert tuning Practical experience managing email threats via ProofPoint , including phishing identification and response Familiarity with Cisco FirePower for network monitoring, policy configuration, and intrusion prevention Proficient in deploying, monitoring, and interpreting alerts from SentinelOne or other EDR platforms Hands-on experience with the Microsoft Defender Suite (Cloud Apps, Endpoint, XDR, Office 365) Experience with Azure Entra ID (formerly Azure AD) and Google Cloud Security Command Center (SCC) for cloud visibility and threat analysis Ability to follow and apply security playbooks and SOPs during active incident handling Strong working knowledge of threat actor behaviors, intrusion methodologies , and detection strategies Ability to independently perform threat triage , remediation recommendations, and escalation of advanced threats U.S. Citizenship or Permanent Resident status required (due to federal client constraints) Must currently reside—and be willing to work exclusively—from within the continental United States Clear, concise communication skills for documenting findings and collaborating with remote teams High personal integrity; must be willing to verify identity and commit to non-use of AI tools during all assessments and interviews Skill(s) None Benefits Insurance - health, dental, and vision PTO & 11 Federal Holidays 401(k), employer match Travel None Originally posted on Himalayas