Job Description
Overview
**This position is contingent upon contract award**
SOSi is seeking a Senior Cyber Response Analyst in Wiesbaden, Germany. The ideal candidate will possess senior-level expertise in identifying, triaging, and neutralizing sophisticated cyber threats. This role involves performing deep-dive forensic analysis, malware investigation, and coordinating enterprise-wide responses to security incidents to ensure the resilience of critical mission networks in support of theater-level mission requirements.
Essential Job Duties
* Monitor and analyze Intrusion Detection Systems (IDS) and Security Information and Event Management (SIEM) platforms to detect malicious or anomalous activity across the enterprise.
* Lead the evaluation of security events to determine the scope and severity of incidents, performing rapid triage to mitigate immediate risks.
* Perform advanced technical forensics on various media, including hard disk drives (HDD) and solid-state drives (SSD), and conduct malware analysis to understand threat vectors.
* Analyze complex data sets, including packet captures (PCAP) and network logs, to draw definitive conclusions regarding past, present, and potential future security breaches.
* Coordinate response efforts between technical engineering teams and non-technical stakeholders to ensure a unified defense posture.
* Maintain expert-level knowledge of adversary Tactics, Techniques, and Procedures (TTPs) and the current global threat landscape to proactively harden theater defenses.
* Articulate detailed investigative findings and after-action reports to both technical audiences and executive leadership.
Qualifications
Minimum Requirements
* Active, in-scope TS/SCI clearance.
* BA/BS degree (Engineering, Computer Science, Science, Business Administration, or Mathematics) plus five (5) years of specialized experience OR Associate’s degree plus seven (7) years of specialized experience OR a major professional certification plus seven (7) years of specialized experience OR eleven (11) years of specialized experience.
* Possession of at least one of the following certifications: Cisco Certified CyberOps Professional; GIAC GCIA, GCIH, GCFE, GNFA, or GREM; Blue Team Level 2 (BTL2); Microsoft Certified: Cybersecurity Architect Expert; or Offensive Security Defense Analyst (OSDA).
* Demonstrated experience in monitoring intrusion detection and security information management systems.
* Experience performing technical malware or forensic analysis on hard disk drives, SSDs, other media, PCAP, and network logs.
* Proven ability to analyze data from various sources and draw conclusions regarding security incidents.
* Experience coordinating incident response with both technical and non-technical parties.
Preferred Qualifications
* Experience with EnCase, FTK, or open-source forensic suites (e.g., SANS SIFT).
* Familiarity with the MITRE ATT&CK framework for identifying adversary behavior.
* Proficiency in scripting (Python/PowerShell) to automate log parsing and triage tasks.
* Prior experience working within a Cybersecurity Service Provider (CSSP) or Tier 3 Security Operations Center (SOC).
Additional Information
Work Environment
* Normal office conditions with potential to perform duties in deployed locations.
* May be requested to work evenings and weekends to meet program and contract needs.
Working at SOSi
* All interested individuals will receive consideration and will not be discriminated against for any reason.