SOC Analyst – Tier 2 at Apavo Corporation – Arlington, Virginia

Job Title: SOC Analyst – Tier 2

Location: Arlington, VA

Department: Cyber Security Services

Reports To: Management

FLSA Status: Full Time/Non-exempt

Apavo is at the forefront of cybersecurity, providing services to military, defense, and critical infrastructure industries. Joining the Apavo team means becoming part of a company rooted in the principles of quality, and communication. We value positive, candid interactions and the belief that everyone has valuable contributions to make. Apavo stands out for its commitment to a work-life balance and fostering a growth mindset among all team members. If you are looking to make a meaningful impact in the cybersecurity world while growing professionally in a supportive environment, Apavo is the place for you.

Job Purpose:

The SOC Analyst – Tier 2 supports the Network Operations and Security Center (NOSC) by leading the investigation and response to cybersecurity threats across multiple networks. This role is responsible for analyzing escalated incidents, mentoring junior analysts, and ensuring the effectiveness of detection and response capabilities. The position plays a key role in maintaining the security posture of critical systems while supporting mission objectives through technical expertise and collaboration.

Duties & Responsibilities:

SOC Analyst – Tier 2 responsibilities include, but are not limited to:

· Analyze and investigate escalated security alerts from Tier 1 analysts using SIEM, EDR, IDS/IPS, and network monitoring tools

· Perform advanced log analysis, packet capture (PCAP) review, and endpoint investigations to determine threat scope and impact

· Lead incident response activities and collaborate with Tier 3 analysts on high-severity or complex incidents

· Prepare detailed incident reports, executive summaries, and deliver briefings to stakeholders and leadership

· Collaborate with system administrators and IT teams to implement mitigation and remediation strategies

· Mentor and provide technical guidance to Tier 1 analysts, including training on incident handling procedures

· Assist in tuning detection tools and developing use cases for anomalous activity detection

· Develop, update, and maintain documentation aligned with cybersecurity best practices and operational procedures

The SOC Analyst – Tier 2 is expected to have additional duties as assigned in support of corporate cyber security services. Additional details are reviewed in accordance with company policies.

Other:

This is typical office or administrative work, and there is no exposure to adverse environmental conditions.

This position requires sedentary work. Sedentary work is defined as: Exerting up to 10 pounds of force occasionally and/or a negligible amount of force frequently or constantly to lift, carry, push, pull or otherwise move objects, including the human body. Sedentary work involves sitting most of the time. Jobs are sedentary if walking and standing are required only occasionally, and all other sedentary criteria are met.

Apavo Corporation provides equal employment opportunities to all applicants and employees and strictly prohibits any type of harassment or discrimination in regards to race, religion, age, color, sex, disability status, national origin, genetics, sexual orientation, protected veteran status, gender expression, gender identity, or any other characteristic protected under federal, state, and/or local laws.

Consistent with the Americans with Disabilities Act (ADA), it is the policy of Apavo Corporation to provide reasonable accommodation when requested by a qualified applicant or employee with a disability, unless such accommodation would cause an undue hardship. The policy regarding requests for reasonable accommodation applies to all aspects of employment, including the application process. If reasonable accommodation is needed, please contact Apavo Human Resources at hr@apavo.com or 571-407-0069

Employment with Apavo Corporation is on an at-will basis, meaning either you or the Company can terminate the employment relationship, at any time, for any or no reason, and with or without cause or notice. As an at-will employee, your employment with Apavo Corporation is not guaranteed for any length of time.

Qualifications:

Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or related field (or equivalent experience)

3–6 years of experience in a SOC or cybersecurity operations environment

DoD Top Secret Clearance with SCI/SAP eligibility required

Experience leading incident response efforts and mentoring junior analysts (2+ years preferred)

Proficiency with SIEM platforms (e.g., Splunk) and endpoint detection tools (e.g., CrowdStrike, SentinelOne, Microsoft Defender)

Strong understanding of network protocols, packet analysis, and tools such as Wireshark or Zeek

Experience with IDS/IPS/NDR/EDR tools (e.g., Snort, Suricata, Bricata)

Ability to analyze logs, correlate data, and identify adversary TTPs

Familiarity with threat intelligence frameworks such as MITRE ATT&CK and Cyber Kill Chain

Basic scripting or automation experience (Python, PowerShell, or Bash)

DoD 8140 Cyber Incident Responder Certification (Security+, CySA+, or equivalent) required

Preferred certifications include GCIH, GCFA, Cloud+, or GCSA