We use cookies. Find out more about it here. By continuing to browse this site you are agreeing to our use of cookies.
I agree and accept cookies
Main menu
Post a Job
Request a Demo
Yes
No
Both
Advanced search
#alert
Back to search results / More jobs like this
Back to search results
New
Phia LLC jobs

Cyber Operations Analyst - Threat Management Specialist Tier 2

Phia LLC
medical insurance, dental insurance, life insurance, vision insurance, paid time off, paid holidays, long term disability, 401(k)
United States, Virginia, Fairfax
11166 Fairfax Boulevard (Show on map)
Feb 02, 2026

OVERVIEW:
At phia we hire talented and passionate people who are focused on collaborative, meaningful work-providing technical and operational subject matter expertise and support services to our partners and clients.

phia is seeking a Threat Management Specialist (Tier 2) to perform deepdive incident analysis, correlate security data from multiple sources, and determine the impact to critical systems and datasets. This role focuses on threat detection, network traffic analysis, incident response, and leveraging AI/ML and SOAR technologies to strengthen CSOC efficiency and accuracy.

The ideal candidate brings strong technical expertise across IDS/IPS, SIEM, EDR/XDR, cloud security, and machine learning-enhanced threat detection, along with excellent analytical and communication skills. This role requires a detailoriented cybersecurity professional capable of executing playbooks, performing advanced investigations, and contributing to continuous SOC improvement through automation and AI-driven enhancements.

What You'll Do

  • Identify cybersecurity issues and recommend appropriate mitigating controls.
  • Analyze network traffic to detect exploit attempts, intrusions, and anomalous activity.
  • Recommend and develop detection mechanisms for exploit and intrusionrelated threats.
  • Provide subject matter expertise on network-based attacks, traffic analysis, and intrusion methodologies.
  • Escalate complex items requiring deeper investigation to senior members of the Threat Management team.
  • Execute operational processes in support of incident response activities.
  • Utilize AI/MLbased tools to detect anomalies, automate triage, and enhance threat intelligence operations.
  • Perform threat intelligence research and analysis, using MLenhanced tools to assess risk and adapt defenses.
  • Manage email security with ProofPoint, monitor for threats, and respond to attacks promptly.
  • Configure and use Splunk for log analysis, alert creation, event monitoring, and incident investigation.
  • Configure and use FirePower for network monitoring, traffic analysis, and enforcement of security policies.
  • Deploy and manage SentinelOne agents, monitor alerts, and perform hostbased security assessments.
  • Monitor and respond to alerts across platforms including Microsoft Defender for Cloud Apps, Defender for Endpoint, Defender XDR, Defender for Office 365, Azure Entra ID, and Google Cloud SCC.
  • Perform threat detection, investigate suspicious activity, coordinate incident response, and implement remediation.
  • Tune security policies and maintain visibility across cloud and endpoint environments.
  • Support continuous improvement of the organization's security posture.
  • Stay current on cybersecurity trends, threat actors, and advancements in AI/ML research.
  • Identify, recommend, and implement automation use cases-leveraging AI/ML to enhance SOC capabilities.
  • Collaborate with operations teams to drive SOC enhancements through automation and AI integration.

Who You Are

  • * Cybersecurity professional with 3+ years of IT security experience, including exposure to AI/ML projects.
  • * At least 2+ years of experience in network traffic analysis.
  • * Strong working knowledge of Boolean logic, TCP/IP fundamentals, threat management, and networklevel exploits.
  • * Experienced with IDS/IPS technologies, architectures, and signature development (signature and anomalybased detection).
  • * Skilled in cloud security across AWS, Azure, and GCP environments.
  • * Handson experience using SOAR platforms and supporting cybersecurity automation.
  • * Proficient in using ML frameworks to develop, train, and deploy models for anomaly detection or behavioral analysis.
  • * Strong data analysis and feature engineering skills across logs, network traffic, and large datasets.
  • * Familiar with AI/ML use cases in cybersecurity such as automated threat detection, incident response automation, and predictive analytics.
  • * Knowledgeable in applying control frameworks and risk management techniques.
  • * Excellent oral and written communication skills with strong interpersonal and organizational abilities.
  • * Experience evaluating AI/ML solutions within SOC environments is a plus.
  • * Understanding and experience identifying and implementing automation use cases.

Preferred Skills

  • Experience tuning and maintaining IDS/IPS technologies.
  • Cloud security experience across AWS, Azure, and GCP.
  • Handson SOAR platform experience.
  • Machine learning model development for threat detection and analytics.
  • Advanced network traffic analysis and evidencebased recommendations.
  • Experience performing threat intelligence analysis using MLenhanced tools.
  • Strong understanding of IDS/IPS signature creation and detection methodologies.

Required Education + Experience

  • BA/BS in Cybersecurity, Computer Science, Information Technology, or a related field or equivalent handson experience.
  • Relevant certifications such as GCED, GSEC, CISSP, or SSCP desired.
  • 3+ years of IT security experience with exposure to AI/ML projects.
  • 2+ years of network traffic analysis.

Security Clearance/Vetting

  • U.S. Citizenship required
  • Ability to obtain Public Trust clearance

WORK SCHEDULE: Monday-Friday core daytime
WORK LOCATION: Remote
DAYS OFF: Saturday and Sunday
TRAVEL: N/A
TELEWORK ELIGIBILITY: Yes
SECURITY REQUIREMENTS: Public Trust

Who We Are

phia LLC ("phia") is a Northern Virginia based, small business established in 2011 with focus in Cyber Intelligence, Cyber Security/Defense, Intrusion Analysis & Incident Response, Cyber Architecture & Capability Analysis, Cyber Policy & Strategy, Information Assurance/Security, Compliance, Certification & Accreditation, Communications Security, Traditional Security, and Facilities Security. phia also provides cyber operations support functions such as: Program and Process Management, Engineering, Development, and Systems Administration that allows for Cyber Operations to efficiently integrate our customer's missions and objectives. phia supports various agencies and offices within the Department of Defense (DoD), Federal government, and private/commercial entities.

phia offers excellent benefits to enhance work-life balance, including the following:

  • Medical Insurance
  • Dental Insurance
  • Vision Insurance
  • Life Insurance
  • Short Term & Long Term Disability
  • 401k Retirement Savings Plan with Company Match
  • Paid Holidays
  • Paid Time Off (PTO)
  • Tuition and Professional Development Assistance
Applied = 0
MORE JOBS LIKE THIS

(web-54bd5f4dd9-d2dbq)