Job Specifications
Top Must Haves:
2–5 years SOC / Incident Response experience
Strong knowledge of Incident Response lifecycle (NIST 800-61)
Hands-on SIEM experience (e.g., Splunk, Sentinel, QRadar)
Hands-on EDR experience (e.g., CrowdStrike, Defender, Cisco)
Network & log analysis skills (TCP/IP, DNS, HTTP, IOC correlation)
Active Directory / Azure AD familiarity
Basic scripting (PowerShell or Python)
Hybrid schedule averaging 3–4 days onsite per week in Richmond, VA
Initial training may require up to 5 days onsite per week
Occasional travel to court sites within Virginia (reimbursable)
Application Deadline: Feb 27th, 2026.
Interview Process: Video, then onsite
Position Title: Incident Responder / SOC Analyst
Location: Hybrid 3-4 days onsite (must reside in VA) / 1-2 days remote per week
Address: Richmond, Virginia
Work Status: USC / GCH
Position Status: 6-month contract with possible 6-month extensions.
Position Description: The Office of the Executive Secretary of the Supreme Court of Virginia is seeking a skilled Incident Responder / SOC Analyst to strengthen the cybersecurity posture of its IT operations. This role plays a critical part in investigating, mitigating, and responding to advanced cybersecurity threats to ensure the confidentiality, integrity, and availability of sensitive judicial systems and data.
The selected candidate will join the Network Services team / Tier 1 and Tier 2 SOC operations in alignment with the NICE framework. Responsibilities include monitoring security platforms, managing incidents, conducting investigations, leveraging threat intelligence, and supporting containment and recovery efforts. This is an opportunity to contribute to the protection of critical judicial infrastructure within a collaborative, mission-driven environment.
Key Responsibilities:
Monitor and triage alerts from SIEM, EDR, and NDR platforms
Investigate security incidents to determine scope, severity, and impact
Analyze attack telemetry and convert data into actionable intelligence
Escalate complex incidents to Tier 3 analysts or senior cybersecurity staff
Utilize threat intelligence sources (MITRE ATT&CK, CISA advisories, IOCs, Virginia Fusion Center)
Assist in containment strategies including host isolation, account lockdown, and network segmentation
Coordinate secure recovery efforts and prevent recurrence
Tune SIEM detections to reduce false positives and improve alert fidelity
Update and refine incident response playbooks
Prepare detailed incident reports for internal stakeholders
Document findings in ticketing systems (e.g., ServiceNow, Jira)
Collect and preserve forensic evidence in accordance with SOPs
Ensure ticket resolution within SLAs and proper cross-shift handoffs
Contribute to continuous process improvement initiatives
Required Qualifications:
2–5 years of experience in cybersecurity operations, incident response, or SOC environments
Strong understanding of:
Incident Response Lifecycle (NIST 800-61 or equivalent)
Threat intelligence and IOC correlation
Network protocols (TCP/IP, DNS, HTTP)
Log analysis
Proficiency with:
SIEM platforms (e.g., Splunk, QRadar, Microsoft Sentinel)
EDR tools (e.g., CrowdStrike, Microsoft Defender, Cisco Secure Endpoint)
Threat intelligence platforms and IOC feeds
Familiarity with Active Directory, Azure AD, and identity management concepts
Experience with scripting (PowerShell or Python) for automation and analysis
Ability to execute containment and remediation procedures
Strong documentation and communication skills
Preferred Qualifications:
Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or related field
Industry certifications (earned or in progress), such as:
CompTIA Security+, CySA+
GIAC (GCIA, GCIH, GCFA)
CISSP
Microsoft (SC-900, SC-200)
Splunk Core User
Experience with:
SOAR automation platforms
Packet capture tools (e.g., Wireshark)
Cloud security tools and environments (Azure, AWS)
Cybersecurity tools such as Qualys, Cisco Secure Access, ThousandEyes, DUO, and Cloudflare
Ticketing systems such as ServiceNow and Jira
Zero Trust architecture and Network Access Control (NAC)
Seneca Resources: We're a client-driven provider of strategic Information Technology consulting services and Workforce Solutions to government and industry. Seneca Resources is a leading IT services provider with offices in Reston, Virginia, Alabama and Columbia, Maryland that service clients throughout the United States. The key to our success lies within our strong corporate culture, which drives our business. We challenge our staff through engaging work, and we reward our staff through competitive compensation, extensive professional training, and excellent opportunities for career advancement. In turn, we look for only the best and brightest to join our team. We are an Equal Opportunity Employer and value the benefits of diversity in our workplace.
About the Company
Seneca Resources Company, LLC, the exploration and production segment of National Fuel Gas Company, headquartered in Houston, Texas, explores for, develops, and produces natural gas in the Appalachian Region including the Marcellus and Utica Shales. Our above-and-beyond environmental stewardship includes 100% responsibly sourced gas designations, innovative technology, state-of-the-art water management, and a robust biodiversity program.