SOC Cyber Security Analyst (Shift - BOW-N: Alt-Sat/Sun/Mon/Tue 1900-0700)

The work includes the following:

• Performs forensic analysis of digital information and gathers and handles evidence. Identifies network computer intrusion evidence and perpetrators.
• Uses data collected from a variety of cyber defense tools (e.g., IDS alerts, firewalls, network traffic logs) to analyze events that occur within their environments for the purposes of mitigating threats.
• Interprets, analyzes, and reports all events and anomalies in accordance with computer network directives, including initiating, responding, and reporting discovered events.
• Evaluates, tests, recommends, coordinates, monitors, and maintains cybersecurity policies, procedures, and systems, including access management for hardware, firmware, and software.
• Ensures that cybersecurity plans, controls, processes, standards, policies, and procedures are aligned with cybersecurity standards.
• Identifies security risks and exposures, determines the causes of security violations, and suggests procedures to halt future incidents and improve security.
• Develops techniques and procedures for conducting cybersecurity risk assessments and compliance audits, the evaluation and testing of hardware, firmware, and software for possible impact on system security, and the investigation and resolution of security incidents such as intrusion, frauds, attacks, or leaks.
• Correlates data feeds and logs to analyze with known threats and incidents, build, implement, and refine event correlation rules, logic, content, and analysis techniques that will enable SOC personnel to correlate events and security incidents with specific sources, such as individuals, threat actors, IT systems, devices, and IP addresses.
• Responsible for performing correlation activities and trend analysis to discover attack patterns and assess the risks and potential exposure of assets and develop and enhance correlation rules, logic, and analysis techniques for associating data. Provides guidance to junior-level staff, as necessary.
• May coach and provide guidance to less-experienced professionals.
• May serve as a team or task lead
   

The Cyber Security Analyst will:

• Ensure cybersecurity inspections, tests, assessments, and reviews are synchronized and coordinated with all stakeholders.
• Assists in the implementation, management, and administration of the organization’s structure and workflow within eMASS.
• Conduct reviews of cybersecurity information papers and plans with CYBERCOM, ARCYBER, Air National Guard Cyber, National Security Agency (NSA), Federal Bureau of Investigations (FBI), Department of Justice (DOJ), and Department of Homeland Security (DHS).
• Assists in the enforcement of the DoD Cyberspace Workforce Framework (DCWF) and cybersecurity certification program to ensure training and certification requirements are enforced, managed, and reported.
• Assists ARNG with the implementation of a documented and streamlined process for reviewing, processing, and approving systems access requests to eMASS in support of the RMF.
• Assists in examining the security architecture and vulnerabilities of systems in cooperation with system owners and administrators through security scans, examinations of system configurations, reviews of system design documentation, and interviews.
• Support the identification, dissemination and delivery of approved policy and process documentation in support of system(s) authorization efforts through DoD, Army and NIST guidance.

WHAT YOU’LL NEED:

Education/Equivalent Training Required:

• Preferred bachelor’s degree in cybersecurity, information assurance, computer science or a related technical discipline, or the equivalent combination of education, technical certifications or training, or work experience.

Years of relevant experience:

• 4+ years of overall demonstrated experience in cybersecurity, information assurance or computer science.

Unique/Additional Requirements:

• Strong analytical, problem-solving, and decision-making skills, including the ability to understand user needs, troubleshoot issues, and develop process improvements.
• Reliable and punctual; follows direction, seeks feedback, and consistently meets expectations.
• Proven customer service experience; comfortable engaging with senior military and government leaders.
• Confident communicator; able to present ideas clearly in meetings, briefings, and discussions with diverse leadership.
• Able to conduct training sessions and engage stakeholders to ensure timely task completion.
• Familiar with DoD 2875 account request procedures and ACTCS training system.
• Excellent verbal/written communication and documentation skills.
• Strong organizational, collaborative, and team-oriented mindset.
• Quick to learn; self-motivated to understand new requirements.
• Keeps current with industry best practices and maintains certifications.
• Works well under pressure and adapts to changing priorities.
• Performs other duties as assigned.

Certification Requirements:

• Must Possess the appropriate baseline certification(s) to achieve a minimum of DoD 8570.01-M Information Assurance Technical (IAT) Level II (i.e., CompTIA Security+ CE) prior to start.  Will need to obtain an additional computing environment certification (i.e., one of the CSSP sections certifications (i.e., CEH, CCNA-Security, CND, etc.) within six-months of hire based on position designation. 

Clearance Requirements:

• Must have a minimum of an active Secret clearance at time of interview and candidate must maintain active clearance.

Work Location:

• Full time onsite support at the program facility (Fairview Park, Falls Church, VA).

Shift Options: 

• BOW-N:  Alt-Sat/Sun/Mon/Tue 1900-0700

Travel:

• Less than 10%.