Job Specifications
Dragonfli Group is a cybersecurity and IT consulting firm based out of Washington, DC. We provide strategic services to both federal agencies and large commercial enterprises. Our consultants support a diverse array of project environments, including fully remote, hybrid, and on-site roles, with contract durations ranging from a few months to several years.
The Tier 2 SOC Analyst will support a cybersecurity operations mission for a large federal agency (i.e., USPS). In this critical role, you'll serve as a frontline defender--correlating complex data sources, investigating incidents, and mitigating evolving threats that target enterprise networks and sensitive assets.
You'll act as a subject matter expert on intrusion methodologies, network-based attacks, and threat detection across hybrid and cloud environments. Analysts in this role are expected to conduct deep-dive incident investigations, advise on remediation strategies, and take ownership of technical execution for key defense operations.
This position demands precision, urgency, and technical depth. You will be responsible for the following:
Identifying cybersecurity risks and recommending proactive controls
Analyzing network traffic to detect exploits, lateral movement, and intrusions
Advising on detection mechanisms for exploit attempts
Investigating security alerts using SIEM platforms like Splunk and tuning detection rules
Managing email threat vectors via ProofPoint and responding to phishing or spoofing attacks
Deploying and monitoring SentinelOne agents for endpoint defense
Configuring Cisco FirePower for network visibility and enforcing protections
Monitoring signals from Microsoft Defender for Cloud Apps, Endpoint, XDR, and Office 365
Conducting investigations within Azure Entra ID and Google Cloud SCC
Coordinating incident response workflows and following defined SOPs and playbooks
Escalating advanced threats to the broader Threat Management team when needed
Continuously improving security posture through tuning, analysis, and threat intel feedback loops
This is a high-impact, fully remote position. Candidates must reside within the continental United States and hold U.S. citizenship or lawful permanent residency. A minimum of 4 years' hands-on experience in a SOC, IR, or cyber defense role is required.
Requirements:
4+ years of hands-on experience in a Security Operations Center (SOC), incident response, or cyber threat detection role
Proven ability to analyze network traffic for exploits, intrusions, and abnormal behavior
Demonstrated expertise using SIEM tools, especially Splunk, for log analysis, correlation, and alert tuning
Practical experience managing email threats via ProofPoint, including phishing identification and response
Familiarity with Cisco FirePower for network monitoring, policy configuration, and intrusion prevention
Proficient in deploying, monitoring, and interpreting alerts from SentinelOne or other EDR platforms
Hands-on experience with the Microsoft Defender Suite (Cloud Apps, Endpoint, XDR, Office 365)
Experience with Azure Entra ID (formerly Azure AD) and Google Cloud Security Command Center (SCC) for cloud visibility and threat analysis
Ability to follow and apply security playbooks and SOPs during active incident handling
Strong working knowledge of threat actor behaviors, intrusion methodologies, and detection strategies
Ability to independently perform threat triage, remediation recommendations, and escalation of advanced threats
U.S. Citizenship or Permanent Resident status required (due to federal client constraints)
Must currently reside--and be willing to work exclusively--from within the continental United States
Clear, concise communication skills for documenting findings and collaborating with remote teams
High personal integrity; must be willing to verify identity and commit to non-use of AI tools during all assessments and interviews
About the Company
The Dragonfli Group is a Washington, DC based LLC specializing in management and technology consulting. Dragonfli transforms its clients' businesses by leveraging high impact strategic planning and technology solutions coupled with our deep expertise in infrastructure, corporate strategy and operations. The Dragonfli Group's passionate and experienced consultants take a collaborative approach to provide strategic planning and information security solutions to organizations looking to increase profitability, streamline opera...
Know more