Security Operation Center Analyst 1 SECUR014006 Position Available In Madison, Mississippi

[]{#_Hlk142289191}[]{#_Hlk142304825}This is a job description for a Security Operation Center (SOC) Analyst 1 in Madison, MS.

Summary:

A SOC Analyst is responsible for cybersecurity operations, incident response, and defensive cyber measures across both centralized and distributed locations in support of the Warfighter Training Readiness Solutions (W-TRS) program under the U.S. Army

PEO STRI.

The role involves continuous 24×7×365 monitoring, analysis, and response to cyber threats, ensuring adherence to best practices and operational procedures for defensive cyber operations. The analyst proactively implements defense strategies, maintains compliance and reporting metrics, and ensures alignment with DoD cybersecurity policies. Additionally, they generate reports related to

FISMA, RMF

ConMon, and security incidents while operating, maintaining, and deploying enterprise cyber tools.

Duties and Responsibilities:

Shall support production of documentation and associated artifacts, the implementation of Cybersecurity requirements as identified in DoDI 8510 and AR 25-2 based upon the System Categorization under the Risk Management Framework (RMF). Operate workstation, and collect, analyze, and assimilate data into usable. Execute Incident Responses for all incidents involving the system, prepare incident reports, and submit to appropriate IA personnel. Validate IA Vulnerability Alerts (IAVAs) for supported baselines via vulnerability scanning. Responsible for the maintenance and security of the current and future baseline. Ensure all components have a representative security configuration baseline documented. Continuous monitoring and compliance testing to validate the current configurations, Analyze and correlate audit records using the Security Incident & Event Management (SIEM) Analyze security requirements, perform functional and security testing, prepare initial RMF documents for system Assessment and Authorization (A&A), and present the security architecture. Monitor and control communications at the external boundaries, including unauthorized software, to include mobile code. Notify site IA personnel immediately upon detection of an unauthorized network service. Configure and enable required security features. Centrally review, analyze, correlate, and store audit records from multiple components within the system using the various SIEM tools and monitoring capabilities. Perform necessary auditing and audit review.

Perform / Monitor

account management and account. Ensure backups of audit logs is performed weekly. Support execution of annual FISMA according to the Assessment and Authorization (A&A) and ATO requirements.

Requirements and Qualifications:

Experience working with DoD / U.S.

Army / Federal

Government.

Experience / Knowledge with software/tools:

Assured Compliance Assessment Solution (ACAS), Splunk, Endpoint Security Solution (ESS), Cisco Adaptive Security Appliance (ASA) Firewalls and Firepower IPS, SRGs, STIGS, DISA STIG Viewer, SCC/SCAP, Evaluate STIG, Windows, Linux (RHEL). Experience as related IT/Cyber position. Knowledge of cybersecurity operations (including protection, detection, response, and sustainment). Knowledge and understanding of current cybersecurity technologies and emerging innovations. Demonstrates knowledge of the lifecycle of cybersecurity threats and use of existing TTPs. Strong written and verbal communication skills, and the ability to create technical reports based on analytical findings.

Equal Opportunity/Affirmative Action Employer.