Morton

Incident Responder / SOC Analyst (8754)

Hybrid

Richmond, United States

Junior

Freelance

13-02-2026

Skills

Communication, Python, PowerShell, Jira, Incident Response, Cloud Security, Wireshark, Splunk, ServiceNow, Monitoring, Training, Azure, AWS, Active Directory, TCP/IP

Job Specifications

Job Description

Morton is seeking an experienced Incident Responder / SOC Analyst to strengthen cybersecurity operations and enhance threat detection and response capabilities for our client in Richmond, VA. This role is responsible for investigating and mitigating cybersecurity threats to ensure the confidentiality, integrity, and availability of critical IT systems and data.

The selected candidate will perform responsibilities aligned with Tier 1 and Tier 2 SOC Analyst functions under the NICE framework. This includes monitoring security platforms, managing security incidents, conducting in-depth investigations, leveraging threat intelligence, and supporting containment and recovery efforts.

This is a hybrid position (3-4 days per week). During initial onboarding/training, up to 5 days per week onsite may be required. Occasional in-state travel may be required.

Key Responsibilities

Monitor and triage alerts from SIEM, EDR, and NDR tools to distinguish false positives from actionable threats.
Investigate security incidents to validate severity, scope, and impact.
Analyze attack telemetry and convert raw data into actionable threat intelligence.
Escalate complex incidents to senior analysts for advanced forensic analysis or malware review.
Leverage threat intelligence sources (IOCs, detection rules, MITRE ATT&CK, CISA advisories, etc.) to enhance investigations and detection capabilities.
Assist in containment strategies including host isolation, account lockdown, and network segmentation.
Coordinate system recovery efforts and ensure secure restoration.
Update and refine incident response playbooks based on lessons learned and emerging threats.
Assist with SIEM tuning and detection rule optimization to improve alert fidelity.
Prepare detailed incident reports for internal stakeholders.
Document findings thoroughly in case management/ticketing systems.
Collect and preserve evidence (logs, emails, file hashes, process trees) per standard procedures.
Track and close tickets to ensure SLA compliance and proper shift handoffs.
Contribute to continuous improvement efforts across security operations.

Required Qualifications

2–5 years of experience in cybersecurity operations, incident response, or SOC environments.
Strong understanding of:
    Incident Response Lifecycle (NIST 800-61 or similar frameworks)
    Threat intelligence and IOC correlation
    Network protocols (TCP/IP, DNS, HTTP) and log analysis
Hands-on experience with:
    SIEM platforms (e.g., Splunk, QRadar, Microsoft Sentinel)
    EDR tools (e.g., CrowdStrike, Microsoft Defender, Cisco Secure Endpoint)
    Threat intelligence platforms and IOC feeds
Familiarity with Active Directory, Azure AD, and identity management concepts.
Working knowledge of scripting (PowerShell or Python) for automation and data parsing.
Ability to contain and remediate incidents using established playbooks.
Strong documentation and communication skills (technical and non-technical audiences).

Preferred Qualifications

Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or related field.
Industry certifications (earned or in progress), such as:
    CompTIA Security+ or CySA+
    GIAC (GCIA, GCIH, GCFA)
    CISSP (in progress acceptable)
    Microsoft SC-900 or SC-200
    Splunk Core User or equivalent
Experience with:
    SOAR automation
    Packet capture and analysis tools (e.g., Wireshark)
    Cloud security tools and concepts (Azure, AWS)
    Tools such as Qualys, Splunk, Cisco Secure Access, ThousandEyes, DUO, Cloudflare
    Ticketing systems such as ServiceNow or Jira

About the Company

IT Staffing Services: The right people. The right job. Every time. Our clients come back to us time and time again for the same reason. Because they know we won't send them just anyone. We listen closely to their needs and then find the best candidate. But we don't stop there. We go the extra mile to make sure the person we send is the exact right fit for the role AND the business. We won't settle for anything less. That's The Morton Way. Morton has been recognized for its continued growth on numerous occasions since its fou...