Job Description
We are looking for an experienced and proactive Cybersecurity Analyst to support our Army customer in performing system monitoring and analysis for the detection of cyber incidents. This role is key in identifying, analyzing, and addressing security risks in Operational Technology (OT) systems. The ideal candidate will be detail-oriented, able to work in a fast-paced environment, and be driven to ensure the highest standards of cybersecurity.
Responsibilities:
Submit and track service tickets for OT systems, both internally and externally, ensuring timely follow-up.
Monitor and log SOC (Security Operations Center) requests and CNOC (Cyber Network Operations Center) actions, ensuring appropriate responses.
Assist in OT investigations of significant cyber incidents, providing clear reporting and analysis.
Handle service tickets related to the customer's needs, both internally and with external partners.
Acknowledge SOC service requests promptly, identifying problems, performing root cause analysis, and ensuring resolution within established Service Level Agreements (SLAs) and Operational Level Agreements (OLAs).
Escalate OT cyber incidents for in-depth analysis when necessary.
Categorize and prioritize OT cyber events, ensuring they are documented and tracked in line with reporting procedures.
Provide situational awareness on OT cybersecurity issues and their impact on enterprise policies.
Monitor and analyze OT SIEM (Security Information and Event Management) events to detect potential security risks and vulnerabilities.
Investigate and triage security events to identify OT security incidents.
Manage OT security incidents from initiation through to resolution.
Collaborate with remote technical teams to resolve issues, document findings, and ensure appropriate actions are taken.
Recommend updates and ongoing tuning for the SIEM system to improve performance and security.
Analyze threat intelligence to identify potential threats and risks to OT systems.
Respond to ad-hoc data and investigation requests, supporting overall cybersecurity efforts.
Conduct security and vulnerability scans as needed, following established protocols.
Minimum Qualifications:
A Bachelor's Degree or higher in a relevant field, or equivalent work experience.
At least 10 years of relevant work experience in the cybersecurity field.
Proven ability to thrive in fast-paced environments, with a proactive approach to problem-solving.
DoD 8570/8140 IAT Level II certification.
Ability to work on-site daily.
Strong familiarity with backup operations and processes for data protection, disaster recovery, and failover procedures (COOP/DR).
Knowledge of the MITRE ATT&CK Framework and its application to cybersecurity.
Solid understanding of the OSI model, network security concepts, and security guidelines.
Familiarity with industrial control systems (ICS) and operational technology (OT).
Preferred Qualifications:
Experience working with the Department of Defense (DoD).
Relevant certifications in OT/ICS security, such as Tenable.SC Specialist, Dragos Platform Certified User (DPCU), or ICS/OT penetration testing experience.
Experience with system administration and IT certifications in Linux or Microsoft.
Expertise in networking protocols, network administration (e.g., Cisco, Juniper, Ubiquiti), and network security devices.
Understanding of the Purdue model and its application to OT environments.
Additional Requirements:
Candidates must be able to obtain and maintain a DoD Secret Clearance. An active clearance is highly preferred.
Employment Type: Full-Time
Salary: $ 100,000.00 130,000.00 Per Year
Job Tags
Full time, Work experience placement, Local area, Remote job,