Local Defender SOC Analyst

COLSA

McAlester, OK +1 location
Full Time
Paid
  • Responsibilities

    **General Summary:**

    Performs system monitoring and analysis support for the detection of cyber incidents and provides recommendations on how to correct findings.


    *Principal Duties and Responsibilities (Essential Functions):*

    • Submits and tracks all service tickets submitted internally and externally for Operational Technology (OT) systems.
    • Monitors/logs SOC Request/CNOC actions and response.
    • Assists in OT investigations of significant incidents and reporting.
    • Submits and tracks all service tickets submitted on behalf of customer internally and to external organizations.
    • Provides timely acknowledgement of SOC service requests, problem identification, root cause analysis, escalation, resolution, and closure for all SOC service requests in accordance with SLAs and OLAs.
    • Escalates OT cyber incidents that require further in-depth analysis.
    • Categorizes and prioritizes OT cyber events and other SOC service requests.
    • Documents and tracks incidents in accordance with reporting procedures and archives historical OT SOC data.
    • Provides situational awareness on OT cybersecurity-related issues impacting enterprise policies and procedures.
    • Provides monitoring and analysis of OT SIEM events to identify potential security risks and vulnerabilities.
    • Triages events and investigates to identify OT security incidents.
    • Logs security incidents in the IT/OT ticketing system.
    • Manages OT security incidents throughout their lifecycle to closure.
    • Coordinates with other, remote technical teams to investigate, document, and resolve issues.
    • Makes recommendations for ongoing tuning and updates to the SIEM system.
    • Receives input from threat intelligence sources and analyzes events to identify threats and risks.
    • Supports ad-hoc data and investigation requests.
    • Conducts security and vulnerability scans as directed using established processes.

    _At COLSA, people are our most valuable resource and centered at our core value. We invite you to unite your talents with opportunity and be a part of our “Family of Professionals!” Learn about our employee-centric culture and benefits here._

    Required Skills

    Required Experience

    • Associate's or Bachelor’s degree in related technical field or equivalent experience. Minimum of 3 related certifications may be used in place of unrelated degree field.
    • 7-12 plus years of work-related experience.
    • Must be able to obtain/maintain a Secret security clearance; US citizenship required.
    • Must be able to obtain/maintain a DoD 8140/8570 IAT Level II certification within 90 days of hire.
    • Ability to work onsite daily.
    • Ability to clearly present and communicate technical approaches and findings.
    • Familiarity with backup operations and processes for data protection, disaster recovery, and failover procedures (COOP/DR).
    • Familiarity with MITRE ATT&CK Framework.
    • Strong understanding of OSI model, network security concepts, security classification guides, and CJCSM 6510.01B concepts and activities.

    Preferred Qualifications

    • Advanced degree preferred.
    • Active Secret clearance.
    • Current DoD 8140/8570 IAT Level II certification.
    • System administration experience and IT certifications in Linux and/or Microsoft are a plus.
    • Experience with networking protocols, design (switches, routers, firewalls, etc.) and terminology, and network administration is a plus (Cisco, Juniper, Ubiquiti etc.).
    • Understanding of the Purdue model, industrial control systems and Operational Technology is desired.
    • Experience with DoD.
    • Tenable.SC Specialist, Tenable.OT Specialist, or Dragos Platform Certified User (DPCU) certifications.
    • Dragos ICS-OT Cybersecurity training.
    • ICS/OT penetration testing experience.

    Applicant selected will be subject to a government security investigation and must meet eligibility requirements for access to classified information. COLSA Corporation is an Equal Opportunity Employer, Minorities/Females/Veterans/Disabled. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, or national origin.

  • Locations
    Concord, CA • McAlester, OK