Cloud SOC Analyst

BridgePhase

  • San Antonio, TX
  • Permanent
  • Full-time
  • 1 month ago
  • Apply easily
BridgePhase is a software engineering company focused on designing, building, securing, and operating cutting-edge software solutions that drive mission success and operational excellence for Federal Government organizations. We are dedicated to supporting the Air Force’s technological edge by delivering innovative software engineering services that directly support cyber operations, threat defense, and mission assurance. Our goal is to be a trusted mission partner in enabling cyber readiness and resilience across the Air Force and U.S. Cyber Command.We’re seeking a detail-oriented and proactive Cloud SOC Analyst to join our team supporting the U.S. Air Force’s Unified Platform Software Factory in San Antonio. In this role, you’ll support cyber defense activities by analyzing logs and alerts, identifying threats, supporting incident response, and developing security detection content such as alerts and dashboards to enhance continuous monitoring and threat detection. You’ll play a key role in ensuring mission-critical systems remain secure, compliant, and resilient in a dynamic cyber threat landscape.We are hiring for both fully remote positions and hybrid roles based in San Antonio, TX. Candidates local to San Antonio should expect a mix of onsite and remote work as part of a hybrid schedule.In this position, you can expect to:
  • Monitor, triage, and analyze security alerts and logs across mission systems to identify anomalous or malicious activity.
  • Support incident response activities by conducting initial investigations and escalating issues as needed.
  • Lead investigations into high-priority security incidents, including malware analysis and reverse engineering to determine intent and impact, and provide root cause analysis and remediation guidance to system teams.
  • Leverage SIEM platforms and threat intelligence feeds to identify patterns, indicators of compromise (IOCs), and trends.
  • Perform vulnerability scans, assist with patch tracking, and maintain POA&M documentation.
  • Collaborate with cyber engineers to implement and refine monitoring, alerting, and defensive toolsets.
  • Analyze system and network activity for indicators of security policy violations or threats.
  • Assist in maintaining and updating system security documentation in alignment with RMF and NIST SP 800-53 standards.
  • Participate in readiness assessments, compliance checks, and audit preparation activities.
  • Contribute to briefings and reports that communicate risks, vulnerabilities, and mitigation strategies to mission stakeholders.
As with any technical environment, the exact role responsibilities will evolve with the changing needs of our client. We are looking for analysts who are adaptable, curious, and eager to support cyber defense in a mission-focused environment.Preferred Experience and Qualifications:
  • 3–5 years of experience in cybersecurity analysis or security operations, including defending AWS-hosted environments and Internet-facing web services.
  • Hands-on experience with SIEM platforms, log analysis, and basic incident response techniques.
  • Experience developing detection content such as alerts, dashboards, and correlation rules to support threat monitoring.
  • Familiarity with malware analysis and reverse engineering techniques to determine impact and intent.
  • Linux experience is required, including familiarity with command-line tools and system internals.
  • Ability to produce root cause analysis reports and remediation guidance following security incidents.
  • Understanding of common cybersecurity frameworks such as RMF, NIST SP 800-53, and DISA STIGs.
  • Working knowledge of networking protocols, system logs, and host/network forensics.
  • Familiarity with tools such as Splunk, Kibana, Elastic, Suricata, OSQuery, or similar.
  • Exposure to threat intelligence platforms, vulnerability management, or EDR solutions.
  • Strong written and verbal communication skills with attention to detail.
  • Active Secret clearance is required; TS/SCI preferred.
  • Security+ or equivalent DoD 8570-compliant certification preferred.
  • B.S. in Cybersecurity, Information Technology, or equivalent experience.
While we've outlined our ideal candidate, we know talent comes in many forms. If you have a strong foundation in cybersecurity analysis, a desire to support mission success, and a drive to learn and grow, we encourage you to apply. We value professionals who are curious, reliable, and passionate about defending systems that matter.About Our Company:
At BridgePhase, our values shape our culture and guide our actions. We act with integrity, honesty, and respect, earning trust and fostering collective success. We are critical thinkers and problem solvers, driving innovation and positive disruption to solve hard challenges at speed and scale. Our work is characterized by courage, compassion, commitment, and teamwork. We apply disciplined engineering principles and a proven agile approach that deliver flexible, simplified, durable and performant solutions that drive continuous improvement and have lasting impact and sustained value. Additionally, we invest in our communities through strategic charitable initiatives, empowering our employees to make meaningful contributions to causes they are passionate about.Our Benefits:
We pride ourselves on providing top-tier benefits that rival those found in larger organizations. Below are some of the perks our team enjoys:
  • Competitive compensation based on experience
  • Flexible PTO plan
  • Paid Sick Leave
  • 100% Paid Paternal Leave (16 weeks Maternity, 6 weeks Paternity)
  • 401k plan with 6% employer matching (zero vesting period)
  • Excellent health, dental, and vision benefits
  • Professional development budget that can be used for certifications and training
  • Paid community service days
Powered by JazzHR

BridgePhase