Company: SAIC
Location: Washington, DC
Career Level: Associate
Industries: Technology, Software, IT, Electronics

Description

SAIC is seeking a Junior Cybersecurity Analyst to join our team in support of a critical U.S. government agency in the National Capital Region. This role offers a unique opportunity to gain hands-on experience in Security Operations Center (SOC) activities, incident response, threat detection, and security monitoring in both on-premises and cloud environments.

The ideal candidate will have foundational cybersecurity knowledge and exposure to tools such as Splunk Enterprise Security, Cisco IronPort, CrowdStrike, and CyberArk. This role focuses on analyzing security alerts, investigating incidents (including phishing attempts), supporting SOC documentation, and collaborating with senior analysts to maintain the agency's security posture.

Key Responsibilities:

•       Monitor and analyze security alerts using platforms such as Splunk ES, CrowdStrike, and other SIEM/EDR tools.

•       Assist in investigating suspicious or phishing emails using Cisco IronPort, VirusTotal, and other threat intel sources.

•       Perform initial triage of alerts and security incidents, escalate as needed, and support incident resolution efforts.

•       Support privileged access management auditing using CyberArk.

•       Review, assign, and track security tickets in ServiceNow and SharePoint Reportal.

•       Assist in identifying indicators of compromise (IOCs) and help implement mitigation steps (e.g., domain/IP/file hash blocks).

•       Contribute to incident documentation, technical change requests, and incident response playbooks.

•       Support DHS/CISA alert investigations and help assess the agency's exposure to relevant threats.

•       Collaborate with security teams to enhance SOC processes and improve the agency's security posture.

•       Stay current with emerging cyber threats, best practices, and security technologies to support continuous improvement.

Qualifications

Qualifications & Experience:

•       Bachelor's degree in Cybersecurity, Information Technology, or a related field. May substitute an additional 2 years of experience in lieu of a degree.

•       0–3 years of experience in cybersecurity, SOC support, or IT security operations.

•       Basic understanding of cybersecurity principles, security incident types, and NIST incident response guidelines.

•       Familiarity with tools such as Splunk, CrowdStrike, Cisco IronPort, and CyberArk.

•       Ability to analyze log data, assess threat indicators, and follow response workflows.

•       Basic experience with ticketing and documentation platforms such as ServiceNow and SharePoint.

•       Strong organizational and communication skills with attention to detail.

•       Ability to work effectively in a team environment and adapt to a fast-paced security operations setting.

Preferred Qualifications:

•       Experience investigating phishing emails or other common security incidents.

•       Familiarity with threat intelligence tools (VirusTotal, Mandiant, Brightcloud).

•       Exposure to federal cybersecurity environments or US-CERT participation.

•       Basic scripting experience in Python, PowerShell, or SQL for security automation (a plus).

•       Entry-level cybersecurity certifications such as CompTIA Security+, CySA+, or Splunk Core User.

Clearance Requirement:

All candidates must be eligible to obtain a U.S. Public Trust Clearance.

**This hybrid role requires a minimum of three on-site days per week in Washington, DC.**


Target salary range: $40,001 - $80,000. The estimate displayed represents the typical salary range for this position based on experience and other factors.

