Job#: 3037020

Job Description:

Location: Fully Remote (EST Hours)

Schedule: Night shift, Wednesday–Sunday (7:00 PM – 7:00 AM). Schedule is structured within this window to total approximately 40 hours per week.

We are seeking a motivated Cyber Security Specialist for a SOC Incident Response Lead position to support night shift operations for a 24/7/365 Security Operations Center (SOC). This fully remote role involves monitoring, analyzing, investigating, and responding to threats across hybrid cloud and on-premise environments. The position is suited for an analyst with a strong investigative mindset, technical depth, and a passion for continuous learning.

• Perform advanced EDR analysis using tools like Trellix, including alert triage, threat detection, and IOC investigation.
• Utilize Splunk for alert analysis (not engineering) and ServiceNow for case management.
• Conduct initial incident response for malware, phishing, lateral movement, and data exfiltration.
• Perform basic digital forensics during incident response, including the acquisition, preservation, and analysis of endpoint artifacts.
• Support EDR platform administration by managing agent health, coordinating policy updates, and troubleshooting endpoint issues.
• Provide engineering-focused support on SOC architecture improvements to increase visibility and detection capabilities, particularly in AWS infrastructure.
• Apply threat intelligence to uncover TTPs using the MITRE ATT&CK framework and understand enterprise logging.
• Participate in threat hunting missions based on hypotheses and environmental knowledge.
• Collaborate with engineering, system administrators, and other stakeholders to contain and remediate threats.
• Support compliance efforts by ensuring audit trails and investigative artifacts are collected and preserved.
• Participate as part of the service desk.
• Provide summary reports and handoff briefings at the end of each shift.

Experience: 5-7 years of relevant experience.

Clearance: Must obtain/maintain Public Trust clearance.

Technical Skills:

• Experience with Splunk for alert analysis.
• Experience with EDR tools (e.g., Trellix).
• Experience with Case Management Systems (e.g., ServiceNow).
• Experience with AWS infrastructure.
• Understanding of basic forensics and enterprise logging.
• Solid understanding of Windows and Linux operating system internals and log analysis.
• Strong grasp of network protocols, TCP/IP, and common attack vectors.
• Familiarity with scripting (e.g., PowerShell, Python, Bash).

• Experience as a Coralogix analyst.
• Certifications such as Security+, CySA+, CASP+, GCIH, GCIA, GCFA, GNFA, GDAT, CSA, CEH, or (ISC)² SSCP/CISSP.
• A degree in computer science or a related subject.
• Familiarity with compliance frameworks like NIST CSF, 800-53, and CIS Benchmarks.
• Knowledge of vulnerability scanning tools (e.g., Tenable Nessus).
• Experience collaborating with cyber threat intelligence or red teams.

The anticipated hourly pay range for this position is $40.00/hr-$43.00/hr. A comprehensive benefits package is available to eligible employees.

This employer is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or protected veteran status and will not be discriminated against on the basis of disability.

Everforth Apex is a world-class IT services company that serves thousands of clients across the globe. When you join Everforth Apex, you become part of a team that values innovation, collaboration, and continuous learning. We offer quality career resources, training, certifications, development opportunities, and a comprehensive benefits package. Our commitment to excellence is reflected in many awards, including ClearlyRateds Best of Staffing® in Talent Satisfaction in the United States and Great Place to Work® in the United Kingdom and Mexico.

Everforth Apex uses a virtual recruiter as part of the application process. Click here for more details. By applying for this job, you agree to receive calls, AI-generated calls, text messages, or emails from Everforth Apex and its affiliates, and contracted partners. Frequency varies for text messages. Message and data rates may apply. Carriers are not liable for delayed or undelivered messages. You can reply STOP to cancel and HELP for help. You can access our privacy policy at https://www.apexsystems.com/privacy-policy

Everforth Apex Benefits Overview: Everforth Apex offers a range of supplemental benefits, including medical, dental, vision, life, disability, and other insurance plans that offer an optional layer of financial protection. We offer an ESPP (employee stock purchase program) and a 401K program which allows you to contribute typically within 30 days of starting, with a company match after 12 months of tenure. Everforth Apex also offers a HSA (Health Savings Account on the HDHP plan), a SupportLinc Employee Assistance Program (EAP) with up to 8 free counseling sessions, a corporate discount savings program and other discounts. In terms of professional development, Everforth Apex hosts an on-demand training program, provides access to certification prep and a library of technical and leadership courses/books/seminars once you have 6+ months of tenure, and certification discounts and other perks to associations that include CompTIA and IIBA. Everforth Apex has a dedicated customer service team for our Consultants that can address questions around benefits and other resources, as well as a certified Career Coach. You can access a full list of our benefits, programs, support teams and resources within our ‘Welcome Packet’ as well, which an Everforth Apex team member can provide.

Everforth Apex Systems is an equal opportunity employer. We do not discriminate or allow discrimination on the basis of race, color, religion, creed, sex (including pregnancy, childbirth, breastfeeding, or related medical conditions), age, sexual orientation, gender identity, national origin, ancestry, citizenship, genetic information, registered domestic partner status, marital status, disability, status as a crime victim, protected veteran status, political affiliation, union membership, or any other characteristic protected by law. Everforth Apex will consider qualified applicants with criminal histories in a manner consistent with the requirements of applicable law.

If you require an accommodation under the Americans with Disabilities Act to participate in an interview with a virtual recruiter or to use our website for a search or application, please contact our Benefits Department at [email protected] or 804-523-8228. Please note that this contact information is strictly to be used for medical ADA accommodations and that no other inquiries will be answered.

UnitedHealthcare creates and publishes the Transparency in Coverage Machine-Readable Files on behalf of Everforth Apex Systems.