Security Operations Analyst
Client: General Services Administration (GSA)
POP: 12+ months
Location: Remote
US Citizen
SCOPE
Seeking a highly motivated Security Operations Analyst to support the GO.gov system by monitoring, analyzing, and responding to security events across all system components. The candidate will be required to triage alerts from Sumo Logic, CrowdStrike, Qualys, and AWS-native services, escalate potential incidents, and perform initial containment actions. The role participates in a 24/7 on-call rotation to ensure continuous coverage and rapid response to security issues affecting system confidentiality, integrity, or availability.
REQUIRED SKILLS
Experience in security operations, SIEM analysis, and incident response
Proficiency with Sumo Logic, CrowdStrike EDR, Qualys, and AWS CloudWatch/CloudTrail
Ability to interpret log data, identify anomalies, and follow defined playbooks
Understanding of AWS networking and security concepts
Strong written and verbal communication skills
Ability to work independently during on-call shifts and make sound triage decisions under pressure
PREFERRED SKILLS
Familiarity with FedRAMP, NIST 800-53, and federal incident handling processes.
Experience with Kubernetes/ECS, Keycloak, ServiceNow Security Operations, and MuleSoft logging.
Prior work within AWS GovCloud or multi-region architectures.
Competency in scripting (Python, Bash) for automation of investigations and reporting.
Knowledge of vulnerability management workflows and code-scanning tools such as SonarQube.
TASKS
Monitor, analyze, and respond to security events across all system components
Triage alerts from Sumo Logic, CrowdStrike, Qualys, and AWS-native services
Escalate potential incidents
Perform initial containment actions
Job Type: Full-time
Pay: $45.00 – $50.00 per hour
Work Location: Remote