Security Operation Center (SOC) Analyst 1

V2X Inc•University, FL

12h•Onsite

About The Position

A SOC Analyst is responsible for cybersecurity operations, incident response, and defensive cyber measures across both centralized and distributed locations in support of the Warfighter Training Readiness Solutions (W-TRS) program under the U.S. Army PEO STRI. The role involves continuous 24x7x365 monitoring, analysis, and response to cyber threats, ensuring adherence to best practices and operational procedures for defensive cyber operations. The analyst proactively implements defense strategies, maintains compliance and reporting metrics, and ensures alignment with DoD cybersecurity policies. Additionally, they generate reports related to FISMA, RMF ConMon, and security incidents while operating, maintaining, and deploying enterprise cyber tools.

Requirements

Knowledge of cybersecurity operations (including protection, detection, response, and sustainment).
Knowledge and understanding of current cybersecurity technologies and emerging innovations.
Demonstrates knowledge of the lifecycle of cybersecurity threats and use of existing TTPs.
Strong written and verbal communication skills, and the ability to create technical reports based on analytical findings.

Nice To Haves

Experience working with DoD / U.S. Army / Federal Government
Experience / Knowledge with software/tools: Assured Compliance Assessment Solution (ACAS), Splunk, Endpoint Security Solution (ESS), Cisco Adaptive Security Appliance (ASA) Firewalls and Firepower IPS, SRGs, STIGS, DISA STIG Viewer, SCC/SCAP, Evaluate STIG, Windows, Linux (RHEL)
Experience as related IT/Cyber position
Security+ or CYSA+ certification
Advanced degree(s) preferred.

Responsibilities

Support production of documentation and associated artifacts, the implementation of Cybersecurity requirements as identified in DoDI 8510 and AR 25-2 based upon the System Categorization under the Risk Management Framework (RMF).
Operate workstation, and collect, analyze, and assimilate data into usable formats.
Execute Incident Responses for all incidents involving the system, prepare incident reports, and submit to appropriate IA personnel.
Validate IA Vulnerability Alerts (IAVAs) for supported baselines via vulnerability scanning.
Responsible for the maintenance and security of the current and future baseline.
Ensure all components have a representative security configuration baseline documented.
Continuous monitoring and compliance testing to validate the current configurations.
Analyze and correlate audit records using the Security Incident & Event Management (SIEM).
Analyze security requirements, perform functional and security testing, prepare initial RMF documents for system Assessment and Authorization (A&A), and present the security architecture.
Monitor and control communications at the external boundaries, including unauthorized software, to include mobile code.
Notify site IA personnel immediately upon detection of an unauthorized network service.
Configure and enable required security features.
Centrally review, analyze, correlate, and store audit records from multiple components within the system using the various SIEM tools and monitoring capabilities.
Perform necessary auditing and audit review.
Perform / Monitor account management and account provisioning/de-provisioning.
Ensure backups of audit logs is performed weekly.
Support execution of annual FISMA according to the Assessment and Authorization (A&A) and ATO requirements.