SOC Analyst

Job TitleSOC AnalystOverviewThe SOC Analyst is responsible for monitoring, analyzing, and responding to cybersecurity threats within a secure environment. This role involves supporting security operations, conducting forensic analysis, evaluating network and system activity, and developing strategies to mitigate risks. The ideal candidate is a proactive self-starter with experience in security operations, familiar with attack methodologies, and capable of synthesizing complex technical findings into clear reports. This position plays a critical role in safeguarding organizational assets against cyber threats and ensuring compliance with security standards.Education RequirementsA degree in Computer Science, Cybersecurity, or a related discipline is preferred, but equivalent professional experience may be considered.Clearance RequirementsThis role requires an active Top-Secret clearance, or the ability to upgrade from a Secret to a Top-Secret clearance and must maintain clearance level.Work ArrangementOn-Site - Port Hueneme, CA.ResponsibilitiesSupport SOC team in operating and performing duties in a Security Operations Center (SOC) to provide a secure environment that facilitates monitoring, incident response, malware analysis, and threat hunting activities Develop and utilize analytics on the security information and event management (SIEM) platform to monitor for security alerts and coordinate vulnerability assessments and artifact collection across servers and network devices Assess Security Technical Implementation Guides (STIGs) compliance and completion Utilize asset mapping tools to verify connected inventory Handle Information Assurance Vulnerability Management (IVAM) notifications Evaluate network structures and device configurations for security risks, offering recommendations based on best practices, and gather data to identify and respond to network intrusions Analyze network traffic and system logs to identify malicious activities, vulnerabilities exploited, and methods used, and develop processes to enhance SOC response and efficiency Conduct comprehensive technical analyses of computer evidence, research and integrate new security tools into the SOC, and synthesize findings into reports for both technical and non-technical audiences Perform forensic analysis of Windows and Linux systems, including timeline analysis, log review, and malware triage Analyze device communication, user permissions, and authentication logs to identify suspicious activity and indicators of compromise Support incident response efforts by reconstructing attack scenarios and providing detailed reports on security incidents Assist in evaluating network and system security configurations and recommend improvements Required QualificationsAt least 3 years of experience in security operations or cybersecurity analysis Proficient in analyzing cyber-attacks, attack classifications, and system vulnerabilities Deep understanding of attack stages, system/application vulnerabilities, and DoD policies and procedures Applied knowledge of network protocols such as TCP/IP, ICMP, HTTP/S, DNS, SSH, SMTP, SMB Experience with security tools like Palo Alto, Elastic SIEM, Cribl, Splunk, VMware, and Security Center Capable of attack reconstruction based on network traffic and integrating Threat Intelligence Familiarity with the MITRE ATT&CK framework Strong analytical and troubleshooting skills Ability to collaborate effectively across multiple locations Certified Ethical Hacker (CEH), GIAC Certified Incident Handler (GCIH), or relevant IT security certification Desired SkillsKnowledge of Operational Technology (OT) or Industrial Control Systems (ICS) Ability to develop content for Splunk Enterprise Security using tstats and data models Experience with tools and protocols such as Nessus, Endgame, CrowdStrike, Gray Noise, Shodan, Bacnet, MODBus, SCADA systems, and PCAP Understanding of hardware and software research, discovery, and implementation Knowledge of logistics and evidence handling fundamentals