Skip Navigation
Loading...

COLSA Corporation

Grow With Us

Local Defender SOC Analyst



Tracking Code

8778-987

Posted Date

11/8/2024

Job Location

McAlester Army Ammunition Plant (MCAAP), McAlester, Oklahoma

Location of Position

McAlester, Oklahoma, United States

Work Arrangement

On Site: 100%

Position Type

Full-Time/Regular

Clearance Required?

Ability to Qualify

Level of Clearance Required

Secret

Position Funded?

Yes

General Summary:

Performs system monitoring and analysis support for the detection of cyber incidents and provides recommendations on how to correct findings.

 

Principal Duties and Responsibilities (*Essential Functions):

  • Submits and tracks all service tickets submitted internally and externally for Operational Technology (OT) systems. 
  • Monitors/logs SOC Request/CNOC actions and response. 
  • Assists in OT investigations of significant incidents and reporting. 
  • Submits and tracks all service tickets submitted on behalf of customer internally and to external organizations. 
  • Provides timely acknowledgement of SOC service requests, problem identification, root cause analysis, escalation, resolution, and closure for all SOC service requests in accordance with SLAs and OLAs. 
  • Escalates OT cyber incidents that require further in-depth analysis. 
  • Categorizes and prioritizes OT cyber events and other SOC service requests. 
  • Documents and tracks incidents in accordance with reporting procedures and archives historical OT SOC data. 
  • Provides situational awareness on OT cybersecurity-related issues impacting enterprise policies and procedures. 
  • Provides monitoring and analysis of OT SIEM events to identify potential security risks and vulnerabilities. 
  • Triages events and investigates to identify OT security incidents. 
  • Logs security incidents in the IT/OT ticketing system. 
  • Manages OT security incidents throughout their lifecycle to closure. 
  • Coordinates with other, remote technical teams to investigate, document, and resolve issues.
  • Makes recommendations for ongoing tuning and updates to the SIEM system. 
  • Receives input from threat intelligence sources and analyzes events to identify threats and risks. 
  • Supports ad-hoc data and investigation requests. 
  • Conducts security and vulnerability scans as directed using established processes.

 

At COLSA, people are our most valuable resource and centered at our core value. We invite you to unite your talents with opportunity and be a part of our “Family of Professionals!” Learn about our employee-centric culture and benefits here


Required Experience

  • Associate's or Bachelor’s degree in related technical field or equivalent experience.  Minimum of 3 related certifications may be used in place of unrelated degree field.
  • 7-12 plus years of work related experience.
  • Must be able to obtain/maintain a Secret security clearance; US citizenship required.
  • Must be able to obtain/maintain a DoD 8140/8570 IAT Level II certification within 90 days of hire.
  • Ability to work onsite daily.
  • Ability to clearly present and communicate technical approaches and findings.
  • Familiarity with backup operations and processes for data protection, disaster recovery, and failover procedures (COOP/DR).
  • Familiarity with MITRE Att&ck Framework.
  • Strong understanding of OSI model, network security concepts, security classification guides, and CJCSM 6510.01B concepts and activities. 
  • Familiarity with backup operations and processes for data protection, disaster recovery, and failover procedures (COOP/DR). 

Preferred Qualifications

  • Advanced degree preferred.
  • Active Secret clearance.
  • Current DoD 8140/8570 IAT Level II certification.
  • System administration experience and IT certifications in Linux and/or Microsoft are a plus. 
  • Experience with networking protocols, design (switches, routers, firewalls, etc.) and terminology, and network administration is a plus (Cisco, Juniper, Ubiquiti etc.). 
  • Understanding of the Purdue model, industrial control systems and Operational Technology is desired.
  • Experience with DoD. 
  • Tenable.SC Specialist, Tenable.OT Specialist, or Dragos Platform Certified User (DPCU) certifications.
  • Dragos ICS-OT Cybersecurity training.
  • ICS/OT penetration testing experience. 

Applicant selected will be subject to a government security investigation and must meet eligibility requirements for access to classified information. COLSA Corporation is an Equal Opportunity Employer, Minorities/Females/Veterans/Disabled. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, or national origin.


This position will be posted for a minimum of 3 business days. If a candidate has not been selected at that time, it will continue to be posted until a suitable candidate is selected or the position is closed.


COLSA offers a comprehensive and customizeable benefits program which includes Medical, Dental, Vision, Life Insurance, Short-Term Disability, Long-Term Disability, Accidental Death & Dismemberment, Supplemental Income Protection Programs, 401(k) with company match, Flexible Spending Accounts, Employee Assistance Program, Education & Certification Reimbursement,  Employee Discount Program, Wellness Program, Paid Time Off and Holidays.


close
Hi! We use cookies on this website to help operate our site and for analytics purposes. For more on how we use cookies and your cookie choices, go here! By continuing to use our services, you are giving us your consent to use cookies.