If you’re passionate about building a better future for individuals, communities, and our country—and you’re committed to working hard to play your part in building that future—consider WGU as the next step in your career.
Driven by a mission to expand access to higher education through online, competency-based degree programs, WGU is also committed to being a great place to work for a diverse workforce of student-focused professionals. The university has pioneered a new way to learn in the 21st century, one that has received praise from academic, industry, government, and media leaders. Whatever your role, working for WGU gives you a part to play in helping students graduate, creating a better tomorrow for themselves and their families.
The salary range for this position takes into account the wide range of factors that are considered in making compensation decisions including but not limited to skill sets; experience and training; licensure and certifications; and other business and organizational needs.
At WGU, it is not typical for an individual to be hired at or near the top of the range for their position, and compensation decisions are dependent on the facts and circumstances of each case. A reasonable estimate of the current range is:
Grade: Technical 411
Pay Range: $157,000.00 - $243,400.00
Job Description
*This opportunity will be on-site in our future Raleigh, NC location*
We’re seeking a highly skilled Principal Cybersecurity Analyst to be a senior technical leader within our Global Cybersecurity Operations Center (CSOC). In this hands-on role, you’ll blend deep technical expertise in detection, response, and threat hunting with strategic leadership to mature our security operations.
You’ll lead complex investigations, shape detection engineering initiatives, automate workflows, and act as a mentor to our SOC analysts. This is an opportunity to make a meaningful impact—protecting a global enterprise while advancing CSOC capabilities to defend against evolving cyber threats, including nation-state actors, ransomware, insider threats, and more.
Key Responsibilities
Incident Response & Threat Hunting
Lead high-impact investigations across endpoints, cloud, identity, and SaaS platforms.
Hunt for advanced threats using behavioral analytics and threat intelligence.
Perform forensic analysis and root cause investigations for complex incidents.
Detection Engineering & Automation
Build and optimize custom detection logic in SIEM, EDR, and network tools.
Develop and maintain automated playbooks using SOAR technologies.
Partner with engineering and IT to enhance security architecture and telemetry.
Strategic Leadership
Influence CSOC roadmap and detection strategy aligned to business risk.
Act as SME on APTs, cybercrime operations, and threat actor tradecraft.
Correlate threat intelligence and telemetry to anticipate and disrupt adversary campaigns.
Team Enablement & Mentorship
Coach L1–L3 SOC analysts through training, scenario-based exercises, and case reviews.
Set the technical bar for investigations, detections, and documentation standards.
Support cross-functional response efforts during critical incidents and executive escalations.
Other Key Responsibilities
Perform threat modeling to anticipate potential attack vectors and inform proactive detection and response strategies.
Collaborate with security architects and application teams to integrate threat modeling into detection coverage and incident response planning.
Translate threat models into actionable detection rules, hunt hypotheses, and security content development.
Qualifications
Minimum Requirements
10+ years of experience in cybersecurity with deep expertise in SOC operations, IR, and threat detection.
Proven ability to lead investigations into APTs, ransomware, and insider threats.
Proficiency in SIEM (e.g., Splunk, QRadar, Devo), EDR (e.g., CrowdStrike, SentinelOne), IDS/IPS, and threat intel platforms.
Strong knowledge of Kill Chain and threat modeling frameworks.
Familiarity with security automation (Python, PowerShell, or Bash preferred).
Excellent written and verbal communication skills, including incident documentation and executive briefings.
Strong time management and prioritization skills in high-pressure environments.
Master's Degree in IT Security, Computer Science, Engineering or related field.
Equivalent relevant experience performing the essential functions of this job may substitute for education degree requirements. Generally, equivalent relevant experience is defined as 1 year of experience for 1 year of education and is at the discretion of the hiring manager.
Preferred Certifications
One or more: CISSP, GCIH, GCFA, GCFE, OSCP, GNFA, CTIA, CISM, GCIA, GREM.
Familiarity with SQL for querying and data analysis.
Knowledge of MITRE ATT&CK.
Experience performing static/dynamic malware analysis and digital forensics.
Job Description Disclaimer: This position description provides the major duties/responsibilities, requirements and working conditions for the position. It is intended to be an accurate reflection of the current position; however, management reserves the right to revise or change it as necessary to meet organizational needs. Other responsibilities may be assigned when circumstances require.
Position & Application Details
Full-Time Regular Positions (classified as regular and working 40 standard weekly hours): This is a full-time, regular position (classified for 40 standard weekly hours) that is eligible for bonuses; medical, dental, vision, telehealth and mental healthcare; health savings account and flexible spending account; basic and voluntary life insurance; disability coverage; accident, critical illness and hospital indemnity supplemental coverages; legal and identity theft coverage; retirement savings plan; wellbeing program; discounted WGU tuition; and flexible paid time off for rest and relaxation with no need for accrual, flexible paid sick time with no need for accrual, 11 paid holidays, and other paid leaves, including up to 12 weeks of parental leave.
How to Apply: If interested, an application will need to be submitted online. Internal WGU employees will need to apply through the internal job board in Workday.
Additional Information
Disclaimer: The job posting highlights the most critical responsibilities and requirements of the job. It’s not all-inclusive.
Accommodations: Applicants with disabilities who require assistance or accommodation during the application or interview process should contact our Talent Acquisition team at recruiting@wgu.edu.
Equal Employment Opportunity: All qualified applicants will receive consideration for employment without regard to any protected characteristic as required by law.