SOC Analyst

Overview

To be successful in this position you need to be collaborative and willing to work within a team. While you will need to be a self-starter completing tasks on your own, working together is critical in this role. You will be interfacing with the client and senior staff. Therefore, you should be articulate in your communications because your opinion matters. You will need to explain technical intricacies in a way that is easily understood.

Responsibilities

• Perform forensic analysis of digital information and gathers and handles evidence. Identify network computer intrusion evidence and perpetrators.
• Use data collected from a variety of cyber defense tools (e.g., IDS alerts, firewalls, network traffic logs) to analyze events that occur within their environments for the purposes of mitigating threats.
• Interpret, analyze, and report all events and anomalies in accordance with computer network directives, including initiating, responding, and reporting discovered events.
• Evaluate, test, recommend, coordinate, monitor, and maintain cybersecurity policies, procedures, and systems, including access management for hardware, firmware, and software.
• Ensure that cybersecurity plans, controls, processes, standards, policies, and procedures are aligned with cybersecurity standards.
• Identify security risks and exposures, determine the causes of security violations, and suggest procedures to halt future incidents and improve security.
• Develop techniques and procedures for conducting cybersecurity risk assessments and compliance audits, the evaluation and testing of hardware, firmware, and software for possible impact on system security, and the investigation and resolution of security incidents such as intrusion, frauds, attacks, or leaks.
• Correlate data feeds and logs to analyze with known threats and incidents, build, implement, and refine event correlation rules, logic, content, and analysis techniques that will enable SOC personnel to correlate events and security incidents with specific sources, such as individuals, threat actors, IT systems, devices, and IP addresses.
• Responsible for performing correlation activities and trend analysis to discover attack patterns and assess the risks and potential exposure of assets and develop and enhance correlation rules, logic, and analysis techniques for associating data.
• Provide guidance to junior-level staff, as necessary. May serve as team or task lead.
• Ensure cybersecurity inspections, tests, assessments, and reviews are synchronized and coordinated with all stakeholders.
• Assists in the implementation, management, and administration of the organization’s structure and workflow within eMASS.
• Conduct reviews of cybersecurity information papers and plans with CYBERCOM, ARCYBER, Air National Guard Cyber, National Security Agency (NSA), Federal Bureau of Investigations (FBI), Department of Justice (DOJ), and Department of Homeland Security (DHS).
• Assist in the enforcement of the DoD Cyberspace Workforce Framework (DCWF) and cybersecurity certification program to ensure training and certification requirements are enforced, managed, and reported.
• Assist ARNG with the implementation of a documented and streamlined process for reviewing, processing, and approving systems access requests to eMASS in support of the RMF.
• Assist in examining the security architecture and vulnerabilities of systems in cooperation with system owners and administrators through security scans, examinations of system configurations, reviews of system design documentation, and interviews.
• Support the identification, dissemination and delivery of approved policy and process documentation in support of system(s) authorization efforts through DoD, Army and NIST guidance.

Skills

• Bachelor’s degree from an accredited institution in cybersecurity, information assurance, computer science or a related technical discipline, or the equivalent combination of education, technical certifications or training, or work experience.
• 6 years of overall demonstrated experience in cybersecurity, information assurance or computer science.

Certification requirements:

• Excellent problem solving, analytical, and decision-making capabilities, including understanding user requirements, troubleshooting technical issues, successfully resolving issues and challenges, and developing creative solutions for process improvement.
• Dependability, in that the individual is consistently at work and on time, follows instructions, responds to management direction, and solicits feedback to improve.

Must Have:

• Strong customer service experience as this position will require candidate to engage with senior military and government leadership.
• Ability to present ideas clearly through briefings, meetings and interaction with leadership of different skill sets.
• Ability to provide training sessions as required.
• Ability to engage with stakeholders to ensure tasks are progressing and meeting timelines.
• Ability to work under time constraints and adapt to changes in requirements and new projects.
• Ability to maintain and upgrade certifications.
• Ability to assimilate information rapidly, motivated to self-study new requirements.
• Maintain current industry knowledge of relevant concepts, practices, and procedures.

Familair with:

• DoD 2875 account request processes
• ACTCS training system
• Excellent communication and documentation skills, with strong organizational and collaborative skills.
• Strong teamwork and engagement as a project team member.

Join us in safeguarding our organization's information assets while advancing your career in the dynamic field of cybersecurity.

Job Type: Full-time

Pay: $105,000.00 - $110,000.00 per year