SOC Analyst II
About The Position
The SOC Analyst supports the U.S. Department of Energy Office of Scientific and Technical Information (DOE OSTI) by monitoring security events, performing initial incident triage, and assisting with threat analysis using SIEM and other security tools. The role helps maintain network and security infrastructure—including LAN/WAN/WLAN environments, firewalls, EDR platforms, and cloud-based services. Additional responsibilities include troubleshooting across OSI layers 1–3, participating in maintenance activities and project tasks, maintaining documentation, following established procedures, and supporting process improvements to help protect DOE scientific and technical information. This person will be required to work independently and mentor other SOC Analysts. This is an onsite position, in Oak Ridge, TN.
Requirements
- Prefer working toward a degree in information assurance, information security, network administration, or related field, or equivalent experience.
- High school diploma and 3-5 years of system administration with security tools experience.
- US. Citizenship required to obtain and maintain DOE and HSPD‑12 clearances.
- Ability to work independently and in a team environment while managing multiple tasks.
- Strong problem‑solving, analytical, and troubleshooting skills.
- Excellent oral and written communication skills.
- Ability to work in a fast‑paced environment with attention to detail and quality.
- Understanding of OSI layers 1–3 and general knowledge of the full OSI model.
- Ability to support 24×7 troubleshooting, including after‑hours maintenance and on‑call rotations.
- Strong teamwork, initiative, customer service, and commitment to continuous professional growth.
- Ability to provide proof of US Citizenship on your first day of employment to obtain a DOE HSPD-12 Badge in accordance with the terms of the contract. Department of Energy OSTI's policy direction requires all employees employed on this contract to be citizens of the United States.
Responsibilities
- Maintain and support LAN/WAN/WLAN networks consisting of multivendor network and security equipment.
- Support cybersecurity solutions, audits, and coordination with third‑party cybersecurity teams.
- Support firewalls, SaaS security tools, EDR platforms, and monitoring solutions.
- Monitor and analyze security events to detect risks and threats.
- Apply cyber hunt techniques to discover violations or suspicious activity.
- Use the SIEM (Splunk/Elastic) to correlate, track, and analyze security events.
- Stay current with threats and vulnerabilities relevant to the environment.
- Follow established procedures and recommend improvements.
- Proactively search for potential security threats.
- Research and report on network and security best practices.
- Provide monitoring, triage, and basic event analysis within the SIEM.
- Prepare documentation and share knowledge with team members.
- Maintain network and security diagrams and related documentation.
- Assist with installation, configuration, maintenance, and upgrades of on‑prem and cloud‑based security and network infrastructure.
- Perform configuration and troubleshooting across the OSI model with emphasis on layers 4–7.
- Monitor networks to ensure timely resolution of service disruptions.
- Monitor security tools for detection of attacks and data loss.
- Support scheduled system maintenance tasks.
- Assist with scoping, installing, quoting, and maintaining network/security equipment and services.
- Provide support to other departments for network or security‑related needs.
- Serve as a troubleshooting resource for network and security issues.
- Perform other duties as assigned.
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
Education Level
High school or GED
