theta. is a. SBA-Certified **8(a) & **HUBZone digital integration and management firm based in Baltimore, MD, working to create a world where tech works for everybody. Our mission is to bridge the gap between the intersection of innovation & technology and practical applications that serve the public interest.
We specialize in delivering software, services, and tools that enhance efficiency, security, and accessibility in government operations. Our commitment to be of service , be passionate , and be different drives us to deliver projects that make a significant impact.
We are seeking a Tier 3 Cybersecurity Analyst to join our team, supporting the Department of Veterans Affairs' Cybersecurity Operations Center (CSOC). This position leads complex investigations into advanced cyber threats, helping protect sensitive systems that serve millions of veterans nationwide.
As a senior incident responder, you'll be responsible for analyzing escalated security events, developing playbooks, and improving automation and detection capabilities.
You'll collaborate with forensics, threat intelligence, and engineering teams to ensure that every incident response not only contains the threat but also strengthens the entire defense ecosystem.
Key Responsibilities :
Lead the investigation, analysis, and remediation of Tier 3 and escalated incidents across VA cloud and enterprise environments.
Develop and maintain incident response playbooks tailored to cloud workloads, including use cases for Azure Sentinel and AWS GuardDuty.
Identify attack patterns, determine root causes, and coordinate corrective actions to prevent recurrence.
Work closely with the detection engineering and automation teams to integrate findings into SOAR playbooks and continuous monitoring tools.
Mentor Tier 1 and Tier 2 analysts, providing guidance and training in advanced incident handling techniques.
Collaborate with forensics, threat intel, and IT teams to ensure incidents are contained swiftly and documented clearly for review.
Regularly evaluate detection logic and automation performance to enhance SOC efficiency and response times.
Basic Qualifications :
Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or related discipline —or equivalent practical experience. **
**
** **5+ years of enterprise-level incident response or SOC experience, including cloud security operations.
Strong understanding of cybersecurity principles, incident response methodologies, and threat lifecycle management.
Hands-on experience with SIEM , IDS/IPS , EDR , and SOAR technologies.
Experience with ServiceNow or similar ticketing and case management tools.
Excellent analytical, communication, and problem-solving skills.
Industry certifications such as CISSP , GCIH , GCFA , or CEH are highly desirable.
U.S. Citizenship required.
Must be able to meet any other requirements for government contracts for which they are hired ( e.g., must reside in the U.S., Security Clearances )
Some of our clients may occasionally request or require travel. If this concerns you, we encourage you to apply and discuss it with us at your initial interview.
Proficiency with Azure Sentinel, AWS GuardDuty, or Netskope CASB for cloud-native threat detection.
Experience developing and tuning incident response playbooks for SOAR platforms.
Familiarity with MITRE ATT&CK framework mapping and adversary behavior analysis.
Strong understanding of automation, scripting, or query languages (KQL, SPL, Python).
Why Join theta.? :
If you are a mission-driven Cybersecurity Analyst ready to lead complex investigations, strengthen automated defenses, and protect critical government systems, we encourage you to apply and join our team at theta.
Salary Range: $95,000 - $120,000 (DOE and project-specific details)