Senior Cyber Security Incident Response & Threat Intelligence Analyst
Location: Owings Mills (Baltimore), MD
Schedule: Hybrid (3 days onsite / 2 days remote)
Overview
We are seeking an experienced Senior Cyber Security Incident Response & Threat Intelligence Analyst to join a Cyber Security Operations Center (CSOC). This role is responsible for leading complex cyber incident response efforts while proactively identifying, analyzing, and mitigating emerging cyber threats across the enterprise. The ideal candidate has a strong background in incident response, threat hunting, malware analysis, digital forensics, SIEM engineering, and threat intelligence. This individual will work closely with CSOC analysts, threat intelligence, and forensic teams to improve detection capabilities and strengthen the organization's overall security posture.
Responsibilities
- Lead Level 2/3 cyber security incident response activities, including identification, containment, eradication, recovery, and post-incident analysis.
- Investigate advanced cyber threats, malware infections, ransomware, and Advanced Persistent Threats (APTs).
- Conduct proactive threat hunting and active defense investigations across enterprise environments.
- Analyze network traffic, system logs, endpoint telemetry, and forensic artifacts to identify malicious activity.
- Develop, maintain, and improve SIEM detection rules, correlation logic, signatures, alerts, and custom automation scripts.
- Build and operationalize threat intelligence, indicators of compromise (IOCs), and countermeasures to strengthen defensive capabilities.
- Partner with Threat Intelligence and Digital Forensics teams to investigate sophisticated attacks and maintain current threat profiles.
- Perform forensic analysis and packet-level investigations to support security incidents.
- Research emerging threats, attacker tactics, techniques, and procedures (TTPs), recommending improvements to security controls and monitoring.
- Document investigations, incident findings, detection logic, and response procedures.
- Perform trend analysis and contribute to continuous improvement of CSOC operations and incident response processes.
- Participate in an on-call rotation to support critical security incidents, including occasional evenings, weekends, and holidays.
Required Qualifications
- Bachelor's degree in Computer Science, Cyber Security, Information Technology, or a related field (or equivalent experience).
- 5–8 years of experience in cyber security, incident response, or Security Operations (SOC/CSOC).
- Experience leading complex incident investigations and responding to advanced cyber threats.
- Strong knowledge of SIEM platforms, threat hunting, malware analysis, digital forensics, network security, and vulnerability management.
- Experience with Windows, Linux, network protocols, log and packet analysis, and scripting using Python, PowerShell, or Bash.
- Working knowledge of APTs, MITRE ATT&CK, Cyber Kill Chain, and NIST/SANS security frameworks.
- Strong communication skills with the ability to document findings and communicate technical information to both technical and non-technical audiences.
- Willingness to participate in an on-call rotation, including occasional evenings, weekends, and holidays.
About Us:
At Brooksource, relationships are the foundation of everything we do. Since 2000, we've built lasting partnerships with clients, consultants, and internal teams to deliver an exceptional experience across every engagement. As a trusted IT and Engineering services provider, Brooksource supports Fortune 500 organizations through Experience-Driven Staffing, Professional Services, and Elevate, our proprietary Workforce Transformation program. Whether you're hiring for software development, cloud computing, cybersecurity, data analytics, or enterprise IT, our customized staffing solutions are designed to align with your company's unique goals, culture, and technology stack. We offer flexible hiring models, including contract, contract-to-hire, and direct placement to meet your evolving business needs. We are a certified partner of leading platforms, including Salesforce, AWS, Microsoft, and Google Cloud, enabling us to deliver scalable, end-to-end technology solutions. With a growing national footprint, Brooksource is redefining expectations in IT consulting, engineering services, and technology workforce solutions.
EEO Statement:
Brooksource is an equal opportunity employer that does not discriminate on the basis of actual or perceived race, color, creed, religion, national origin, ancestry, citizenship status, age, sex or gender (including pregnancy, childbirth, lactation and related medical conditions), gender identity or gender expression, sexual orientation, marital status, military service and veteran status, physical or mental disability, protected medical condition as defined by applicable state or local law, genetic information, or any other characteristic protected by applicable federal, state, or local laws and ordinances.
Benefits & Perks:
Benefits & Perks: Brooksource offers competitive medical, dental, vision, Health Savings Account, Dependent Care FSA, and supplemental coverage with plans that can fit each employee's needs. We offer a 401k plan that includes a company match and is fully vested after you become eligible, paid time off, sick time, and paid company holidays. We also offer an Employee Assistance Program (EAP) that provides services like virtual counseling, financial services, legal services, life coaching, etc.
Pay Disclaimer:
The pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.
Pay: From $60.00 per hour
Work Location: Hybrid remote in Owings Mills, MD 21117