Home >
Career Center > Job Seekers
> Job Search
|
| Company Name: |
General Dynamics IT |
| Location: |
Bossier City, LA |
| Position Type: |
Full Time |
| Post Date: |
04/11/2026 |
| Expire Date: |
06/25/2026 |
| Job Categories: |
Engineering, Information Technology |
|
 |
|
|
Cyber Security Analyst Tier III
As a senior member of the SOC team supporting the Virginia Information Technology Agency (VITA), the Tier III analyst serves as the primary escalation authority for high-severity security incidents and owns the full escalation chain from initial triage through containment, remediation, and post-incident review. A core function of this role is building and maintaining operational Splunk dashboards, automated detection workflows, and correlation searches that improve SOC efficiency and threat visibility. The Tier III analyst brings deep hands-on experience working in Splunk at an advanced level and provides threat hunting and incident response expertise across the team. The role may also require mentoring junior analysts and operating third-party toolsets within the client environment. RESPONSIBILITIES: A day in the life of a Cyber Security Analyst Tier III: Incident Response & Threat OperationsLead complex investigations and incident response (Tier III ownership): pivoting across identity, endpoint, network, email, cloud, and SaaS telemetry to drive containment and remediationProvide expertise with Indicators of Compromise (IOCs), Tactics, Techniques, and Procedures (TTPs), threat hunting, and threat intelligence; own customer-facing escalation and remediation activitiesRecognize successful and unsuccessful intrusion attempts; triage security events and accurately prioritize and escalate incidents per established runbooksDetect the full spectrum of known cyberattacks (DDoS, malware, phishing, ransomware, and others) and correlate events across capabilities to identify attacks and breachesExamine malware analysis reports to correlate similar events across incidents; document and report actions taken by malicious actors in customer networksRecommend appropriate methods of system remediation and threat mitigation; prepare incident reports detailing analysis methodology and results Splunk Operations & AutomationBuild, maintain, and optimize Splunk dashboards and reports that provide operational visibility into threat activity, SOC performance metrics, and incident trends for analysts and leadershipDevelop and maintain automated detection workflows, correlation searches, and alert actions in Splunk to reduce analyst workload, minimize false positives, and accelerate response to high-priority threatsWrite and maintain SPL searches, scheduled reports, and lookup-driven workflows; leverage scripting (Python, PowerShell) to extend Splunk capabilities and support security automation where neededConduct log and system analysis for network and security devices; create and update detection rules and signatures in security tools and applicationsDocument emerging threat intelligence and reported IOCs for security tool integrations Detection Tuning & Compliance AlignmentAlign detections and logging with frameworks and controls: NIST 800-53, NIST CSF, PCI DSS, HIPAA, and SOX as applicable to the customer environmentDevelop and tune detection content including use cases, correlation rules, and alert logic to improve fidelity and reduce noise across the SOC environmentAnalyze and act on intelligence information to secure customer networks and devices Automation & ScriptingWorking knowledge of scripting (Python, PowerShell, or Bash) for security automation, log parsing, and workflow integration; ability to read and modify scripts to support SOC operationsSupport automation efforts that reduce manual analyst burden, improve detection fidelity, and accelerate incident response timelines. Leadership & MentorshipDocument and maintain runbooks and playbooks; mentor Tier I/II analysts as needed and contribute to post-incident retrospectives and continuous detection improvementsDevelop lessons learned documentation, reporting, and SOPs for incident responseServe as team/task lead as required; coach less-experienced analysts and model best practices across the escalation chainMaintain current understanding of cybersecurity best practices and motivate team members to expand knowledge and capabilities REQUIRED QUALIFICATIONS:Technical Training, Certification(s), or Degree8 or more years of experience in cybersecurity operationsSplunk experience advanced SPL, dashboard development, automated alerting, and correlation search creation in an operational SOC environmentCyberArk experience privileged access management in a government or enterprise SOC environmentQualifying certification to meet DoW 8140/DCWF CSSP Analyst requirements within 6 months of start: CEH, CFR, CCNA Cyber Ops, CCNA-Security, CySA+, GCIA, GCIH, GICSP, Cloud+, SCYBER, or PenTest+ Location: On-site at GDIT's Integrated Technology Center in Bossier City, LA GDIT IS YOUR PLACEAt GDIT, the mission is our purpose, and our people are at the center of everything we do. Growth: AI-powered career tool that identifies career steps and learning opportunities Support: An internal mobility team focused on helping you achieve your career goals Rewards: Comprehensive benefits and wellness packages, 401K with company match, and competitive pay and paid time off Flexibility: Full-flex work week to own your priorities at work and at home Community: Award-winning culture of innovation and a military-friendly workplace #GDITLA
|
|
| Company Name: |
General Dynamics IT |
| Website: | https://www.gdit.com/careers/job/860668b40/cyber-security-analyst-tier-iii/?source=AutoAppend_HBCU |
Apply Now |
Forward Job to a Friend |
More Jobs From This Employer
|
|
|
