Dragonfli Group is a cybersecurity and IT consulting firm headquartered in Washington, DC, delivering strategic solutions to government agencies and enterprise clients nationwide. We specialize in advanced threat detection, incident response, and the integration of emerging technologies such as AI and machine learning to enhance security operations. Our teams operate in diverse work environments—including on-site, hybrid, and fully remote—on contracts ranging from several months to multiple years.
We are seeking a Threat Management Specialist (Tier 1) to join our Cybersecurity Operations Center (CSOC) team in Falls Church, VA. This role is responsible for initial alert triage, escalation, and operational support for security incident response, with a focus on improving SOC efficiency through automation and AI/ML capabilities. Working Monday through Friday, 7:00 AM – 4:00 PM, the Tier 1 Analyst will serve as the first line of defense in identifying, documenting, and escalating potential security incidents in accordance with established playbooks and SOPs.
Key Responsibilities:
- Identify security events requiring mitigation and take initial response steps.
- Review and interpret alerts from SIEM tools, CSOC mailboxes, and incoming security calls.
- Collect key information (e.g., IP address, asset, location) to support further investigation.
- Escalate security events to Tier 2 analysts for advanced investigation.
- Execute operational processes in support of incident response efforts.
- Use AI/ML-based tools to detect anomalies, automate triage, and enhance threat intelligence.
- Perform threat intelligence analysis to assess risk and adapt defenses using ML-enhanced tools.
- Stay up to date on cybersecurity trends, threat actors, and AI/ML advancements.
- Identify and support automation use cases to improve SOC capabilities.
- Collaborate across operations to enhance SOC efficiency through AI/automation integration.
Required Skills & Qualifications:
- 1+ years of experience in IT operations.
- 1+ years of experience in IT security.
- Strong understanding of platform security basics, threat lifecycle management, TCP/IP, and incident management.
- Knowledge of control frameworks and risk management techniques.
- Familiarity with AI/ML techniques in cybersecurity, including automated detection, incident response automation, and predictive analytics.
- Knowledge of ethical AI principles and their impact on security operations.
- Familiarity with cloud security (AWS, Azure, GCP).
- Understanding of automation use case identification and implementation.
- Excellent oral, written, interpersonal, and organizational skills.
- Bachelor’s degree in Computer Science, IT, or related field; relevant certifications (CEH, CISSP, Security+, GCIH) preferred.
Work Environment: Falls Church, VA (on-site)
Schedule: Monday – Friday, 7:00 AM to 4:00 PM
Travel: Minimal, as required for project needs.
Clearance Requirement: U.S. citizenship or lawful permanent residency required.
AI Usage Policy: Candidates must be able to independently demonstrate technical proficiency without the use of AI tools during interviews or performance assessments.
Benefits:
- Insurance – health, dental, and vision
- Paid Time Off (PTO) and 11 Federal Holidays
- 401(k) employer match