Cybersecurity Analyst SME
About the role
The Security Operations Center Manager will support the Defense Manpower Data Center (DMDC) Cybersecurity, Privacy, Records, Information Management, and Environments Support (Cyber Primes) program. The role involves managing the SOC, which is the central hub for cybersecurity event monitoring, incident detection, triage, and analysis.
Responsibilities
- Securing the operations for DMDC and DHRA’s networks via the SOC
- Maintaining and providing process improvements on SOC processes and procedures
- Managing Cyber Incidents which includes triage, communication, documenting and responding to the incident in accordance with DoW regulations and policies
- Communicating and providing summaries which can include presentations to all levels of leadership
- Evaluating, testing, recommending, coordinating, monitoring, and maintaining cybersecurity policies, procedures, and systems
- Identifying security risks and exposures, determining the causes of security violations, and suggesting procedures to halt future incidents and improve security
- Developing and maintaining Tactics, Techniques and Procedures (TTPs) for the SOC
- Conducting cybersecurity risk assessments and compliance audits, evaluating and testing hardware, firmware and software for possible impact on system security, and investigating and resolving security incidents such as intrusion, frauds, attacks or leaks
Requirements
Must currently possess a Top Secret clearance level and be able to obtain a Top Secret Public Trust/Other clearance. Must be a US citizen and have 10+ years of related experience in cybersecurity. No certifications are required, but one of the following certifications is preferred: Security+, CISSP.
Qualifications
- Continuous Monitoring
- Security Information and Event Management (SIEM)
- Security Operations Certifications (not specified)
Skills
- May serve as a team or task lead
- Coaches and provides guidance to less experienced professionals
- Investigates, analyzes, and responds to cyber incidents within a network environment or enclave
- Uses data collected from a variety of cyber defense tools to analyze events
- Interprets, analyzes, and reports all events and anomalies in accordance with computer network directives
- Evaluates, tests, recommends, coordinates, monitors, and maintains cybersecurity policies, procedures, and systems
- Ensures that cybersecurity plans, controls, processes, standards, policies, and procedures are aligned with cybersecurity standards
- Identifies security risks and exposures, determines the causes of security violations, and suggests procedures to halt future incidents and improve security
- Develops and maintains Tactics, Techniques and Procedures (TTPs) for the SOC
- Manages Cyber Incidents which includes triage, communication, documenting and responding to the incident in accordance with DoW regulations and policies
- Communicates and provides summaries which can include presentations to all levels of leadership
- Manages tasks in accordance with DoW government contracts
Benefits
No specific benefits are mentioned in the job description.
Pay
The likely salary range for this position is $169,604 - $229,464. This is not, however, a guarantee of compensation or salary. Rather, salary will be set based on experience, geographic location and possibly contractual requirements and could fall outside of this range.
Schedule
Scheduled Weekly Hours: 40
Travel Required: Less than 10%
Telecommuting Options: Onsite Work