Senior Cyber Response Analyst

  • Full-time
  • Clearance Requirement: Top Secret/SCI

Company Description

Founded in 1989, SOSi is among the largest private, founder-owned technology and services integrators in the defense and government services industry. We deliver tailored solutions, tested leadership, and trusted results to enable national security missions worldwide.

Job Description

Overview

**This position is contingent upon contract award**

SOSi is seeking a Senior Cyber Response Analyst in Wiesbaden, Germany. The ideal candidate will possess senior-level expertise in identifying, triaging, and neutralizing sophisticated cyber threats. This role involves performing deep-dive forensic analysis, malware investigation, and coordinating enterprise-wide responses to security incidents to ensure the resilience of critical mission networks in support of theater-level mission requirements.

Essential Job Duties

  • Monitor and analyze Intrusion Detection Systems (IDS) and Security Information and Event Management (SIEM) platforms to detect malicious or anomalous activity across the enterprise.
  • Lead the evaluation of security events to determine the scope and severity of incidents, performing rapid triage to mitigate immediate risks.
  • Perform advanced technical forensics on various media, including hard disk drives (HDD) and solid-state drives (SSD), and conduct malware analysis to understand threat vectors.
  • Analyze complex data sets, including packet captures (PCAP) and network logs, to draw definitive conclusions regarding past, present, and potential future security breaches.
  • Coordinate response efforts between technical engineering teams and non-technical stakeholders to ensure a unified defense posture.
  • Maintain expert-level knowledge of hacker Tactics, Techniques and Procedures (TTPs) and the current global threat landscape to proactively harden theater defenses.
  • Articulate detailed investigative findings and after-action reports to both technical audiences and executive leadership.

Qualifications

Minimum Requirements

  • Active, in-scope TS/SCI clearance.
  • BA/BS degree (Engineering, Computer Science, Science, Business Administration, or Mathematics) plus five (5) years of specialized experience OR Associate’s degree plus seven (7) years of specialized experience OR a major professional certification plus seven (7) years of specialized experience OR eleven (11) years of specialized experience.
  • Possession of at least one of the following: Cisco Certified: CyberOps Professional; GIAC: GCIA, GCIH, GCFE, GNFA, or GREM; Blue Team Level 2 (BTL2); Microsoft Certified: Cybersecurity Architect Expert; or Offensive Security Defense Analyst (OSDA).
  • Demonstrated experience in monitoring intrusion detection and security information management systems.
  • Experience in performing technical malware or forensic analysis on hard disk drives, SSDs, media, PCAP, and network logs.
  • Proven ability to analyze data from various sources and draw conclusions regarding security incidents.
  • Experience coordinating incident response with both technical and non-technical parties.

Preferred Qualifications

  • Experience with EnCase, FTK, or open-source forensic suites (SANS SIFT).
  • Familiarity with the MITRE ATT&CK framework for identifying adversary behavior.
  • Proficiency in scripting (Python/PowerShell) to automate log parsing and triage tasks.
  • Prior experience working within a Cybersecurity Service Provider (CSSP) or Tier 3 Security Operations Center (SOC).

Additional Information

Work Environment

  • Normal office conditions with potential to perform duties in deployed locations.
  • May be requested to work evenings and weekends to meet program and contract needs.

Working at SOSi

  • All interested individuals will receive consideration and will not be discriminated against for any reason.