We’re Hiring

Visual Connections, LLC is seeking a Tier 3 Cybersecurity Analyst

ONSITE-Washington, DC (1st or 2nd Shift-2 Positions)

At Visual Connections, cybersecurity is part of a broader suite of capabilities designed to help government and commercial customers modernize and secure their operations. Our offerings include program and portfolio management, AI/automation, UX engineering, enterprise app development, data analytics, and telecom infrastructure. Proudly veteran-owned, our teams deliver robust cyber defense—threat detection, incident response, continuous monitoring—alongside agile IT and data services. If you seek to grow in a collaborative, mission-centered culture, partnering with agencies like DoD, HHS, CMS, and CDC, Visual Connections is your place to drive real impact.

Job Summary

We are seeking a Tier 3 Cybersecurity Analyst to join our Security Operations Center, where you will lead efforts in detecting, analyzing, and responding to the most challenging cyber threats. Your responsibilities will include onboarding new detection technologies, crafting and updating incident response playbooks, and leading investigations of escalated incidents by analyzing attack patterns and determining root causes. You will act as a trusted advisor to junior analysts, providing mentorship and technical expertise during complex investigations. The role requires strong collaboration skills to work effectively with forensics, threat intelligence, and IT teams, as well as the ability to clearly communicate incident updates to management and stakeholders. You will develop advanced analytics use cases, continuously monitor and improve the efficacy of automation processes, and utilize SOAR platforms to streamline and automate response actions. Staying informed of the latest cyber threats and best practices, you will also participate in exercises and simulations to keep incident response capabilities sharp. If you are passionate about tackling sophisticated cyber threats in a high-pressure environment and making a significant impact on enterprise security, this role offers a rewarding opportunity in Washington, DC.

Responsibilities

• Work with detection engineering team to onboard and operationalize new cloud detection tools include Azure Sentinel, AWS Guard Duty, Netskope CASB etc.

• Develop playbooks for cloud incident response.

• Lead and actively participate in the investigation, analysis, and resolution of Tier 3 and escalated cybersecurity incidents. Analyze attack patterns, determine the root cause, and recommend appropriate remediation measures to prevent future occurrences.

• Serve as a cloud subject matter expert in handling incidents of varying complexity, providing guidance and support to Tier 1 and Tier 2 analysts during investigations.

• Ensure accurate and detailed documentation of incident response activities, including analysis, actions taken, and lessons learned. Collaborate with knowledge management teams to maintain up-to-date incident response playbooks.

• Collaborate effectively with cross-functional teams, including forensics, threat intelligence, IT, and network administrators. Clearly communicate technical information and incident-related updates to management and stakeholders.

• Develop and operationalize advanced security analytics use cases to detect and respond to sophisticated cyber threats in real-time.

• Monitor the performance of security analytics and automation processes regularly, identifying areas for improvement and taking proactive measures to enhance their efficacy.

• Leverage Security Orchestration, Automation, and Response (SOAR) platforms to streamline and automate incident response processes, including enrichment, containment, and remediation actions.

• Support the mentoring and training of more junior IR staff.

• Stay informed about the latest cybersecurity threats, trends, and best practices. Actively participate in cybersecurity exercises, drills, and simulations to improve incident response capabilities.
  

Requirements

• Bachelor's degree in computer science, Cybersecurity, Information Technology, or a related field (or equivalent work experience)

• 5+ years of experience supporting large-scale IT related projects

• 3+ years of experience supporting incident response in an enterprise-level Security Operations Center (SOC) that includes monitoring of cloud environments.

• A deep understanding of cybersecurity principles, incident response methodologies, and a proactive mindset to ensure our SOC operates effectively in a high-pressure environment.

• Industry certifications, such as CISSP, GCIH, GCFA, CEH, or equivalent, are highly desirable

• Strong experience with security technologies, including SIEM, IDS/IPS, EDR, and network monitoring tools

• Experience with enterprise ticketing systems like ServiceNow

• Excellent analytical and problem-solving skills.

• Ability to work independently and in a team environment to identify errors, pinpoint root causes, and devise solutions with minimal oversight.

• Ability to learn and function in multiple capacities and learn quickly.

• Strong verbal and written communication skills