Cybersecurity SOC Analyst

Bachelor's degree in a related specialized area or equivalent is required plus a minimum of 2 years of relevant experience; or Master's degree plus a minimum of 0 years of relevant experience.

Due to the nature of work performed within our facilities, U.S. citizenship is required.

The General Dynamics Mission Systems (GDMS) Security Operations Center (SOC) is seeking a Cybersecurity SOC Analyst with advanced expertise in Splunk Enterprise Security (ES) and a strong background in threat detection, incident response, and cloud security. This role is critical for monitoring, analyzing, and responding to security events across GDMS’s enterprise, programs, and cloud environments.

The ideal candidate will have hands-on experience with Splunk SPL, dashboard creation, and correlation searches, as well as proficiency in analyzing logs from diverse sources, conducting threat hunts, and improving detection capabilities. This position requires collaboration with cross-functional teams to mitigate risks, respond to incidents, and continuously enhance GDMS’s security posture.

REPRESENTATIVE DUTIES AND TASKS:

• Develop and optimize Splunk SPL queries, dashboards, and correlation searches within Splunk Enterprise Security (ES).
• Maintain and enhance Splunk content for detection and reporting.
• Analyze logs from multiple sources, including Windows Event Logs, Linux system logs, CrowdStrike telemetry, firewall logs, and network traffic.
• Investigate alerts to identify potential security incidents and anomalous behavior.
• Conduct proactive threat hunting to detect advanced persistent threats (APTs), insider threats, and suspicious activity across enterprise networks.
• Incorporate findings into detection content and response playbooks.
• Monitor and analyze DLP alerts for data exfiltration, data tagging, and compliance violations.
• Collaborate with teams to remediate and prevent data leakage incidents.
• Execute IR processes including detection, analysis, containment, eradication, and recovery.
• Document and track incidents using SOC workflows and ticketing systems.
• Monitor and assess security controls in AWS and Azure environments.
• Identify and remediate cloud-specific threats and misconfigurations.
• Support email security operations, including anti-phishing, anti-spam, malware detection, and incident response for email-based attacks.
• Stay current with emerging threats, vulnerabilities, and security technologies.
• Develop automation workflows and scripts to enhance SOC efficiency.

KNOWLEDGE SKILLS AND ABILITIES:

• Strong proficiency in Splunk SPL, dashboard creation, and Splunk Enterprise Security (ES).
• Experience analyzing logs from diverse sources (Windows, Linux, EDR, firewalls, network traffic).
• Hands-on experience in threat hunting and detecting APTs and insider threats.
• Knowledge of DLP solutions and compliance monitoring.
• Solid background in incident response operations.
• Understanding of cloud security controls for AWS and Azure.
• Familiarity with email security solutions and phishing mitigation.
• Excellent communication skills for conveying technical findings and business risk.

PREFERRED DEGREE TYPES AND EXPERIENCE

• CISSP
• Security+
• Splunk Certified Power User
• Splunk Enterprise Security Certified Admin
• CEH
• AWS and Azure security certifications

General Dynamics Mission Systems (GDMS) engineers a diverse portfolio of high technology solutions, products and services that enable customers to successfully execute missions across all domains of operation. With a global team of 12,000+ top professionals, we partner with the best in industry to expand the bounds of innovation in the defense and scientific arenas. Given the nature of our work and who we are, we value trust, honesty, alignment and transparency. We offer highly competitive benefits and pride ourselves in being a great place to work with a shared sense of purpose. You will also enjoy a flexible work environment where contributions are recognized and rewarded. If who we are and what we do resonates with you, we invite you to join our high-performance team!

Equal Opportunity Employer / Individuals with Disabilities / Protected Veterans