SOC Cybersecurity Analyst (IMC00757)

The SOC cybersecurity analyst provides support for a government client. 

Work Location: Completely onsite in Falls Church, VA. EOW-N: Wednesday/Thursday/Friday/ Alt Saturday 7:00pm – 7:00am. 

Essential Duties and Responsibilities: This position will include, but is not limited to, the following tasks:

• Perform forensic analysis of digital information and gathers and handles evidence. Identify network computer intrusion evidence and perpetrators. 
• Use data collected from a variety of cyber defense tools (e.g., IDS alerts, firewalls, network traffic logs) to analyze events that occur within their environments for the purposes of mitigating threats.
• Interpret, analyze, and report all events and anomalies in accordance with computer network directives, including initiating, responding, and reporting discovered events.
• Evaluate, test, recommend, coordinate, monitor, and maintain cybersecurity policies, procedures, and systems, including access management for hardware, firmware, and software.
• Ensure that cybersecurity plans, controls, processes, standards, policies, and procedures are aligned with cybersecurity standards.
• Identify security risks and exposures, determine the causes of security violations, and suggest procedures to halt future incidents and improve security.
• Develop techniques and procedures for conducting cybersecurity risk assessments and compliance audits, the evaluation and testing of hardware, firmware, and software for possible impact on system security, and the investigation and resolution of security incidents such as intrusion, frauds, attacks, or leaks.
• Correlate data feeds and logs to analyze known threats and incidents, build, implement, and refine event correlation rules, logic, content, and analysis techniques that will enable SOC personnel to correlate events and security incidents with specific sources, such as individuals, threat actors, IT systems, devices, and IP addresses.
• Responsible for performing correlation activities and trend analysis to discover attack patterns and assess the risks and potential exposure of assets and develop and enhance correlation rules, logic, and analysis techniques for associating data. 
• Provide guidance to junior-level staff, as necessary. May serve as team or task lead. 
• Ensure cybersecurity inspections, tests, assessments, and reviews are synchronized and coordinated with all stakeholders.
• Assists in the implementation, management, and administration of the organization’s structure and workflow within eMASS.
• Conduct reviews of cybersecurity information papers and plans with CYBERCOM, ARCYBER, Air National Guard Cyber, National Security Agency (NSA), Federal Bureau of Investigations (FBI), Department of Justice (DOJ), and Department of Homeland Security (DHS).
• Assist in the enforcement of the DoD Cyberspace Workforce Framework (DCWF) and cybersecurity certification program to ensure training and certification requirements are enforced, managed, and reported.
• Assist ARNG with the implementation of a documented and streamlined process for reviewing, processing, and approving systems access requests to eMASS in support of the RMF.
• Assist in examining the security architecture and vulnerabilities of systems in cooperation with system owners and administrators through security scans, examinations of system configurations, reviews of system design documentation, and interviews. 
• Support the identification, dissemination, and delivery of approved policy and process documentation in support of system(s) authorization efforts through DoD, Army, and NIST guidance.
• Other duties as assigned. 

Basic Required Qualifications and Skills:  Note: These are mandatory items that all candidates must have when submitting an application to IMC for this position. Please ensure that your submission addresses each of these requirement items. Candidates without these required elements will not be considered.

• Bachelor’s degree from an accredited institution in cybersecurity, information assurance, computer science, or a related technical discipline, or the equivalent combination of education, technical certifications or training, or work experience.
• 6+ years of overall demonstrated experience in cybersecurity, information assurance, or computer science. 
• Certification requirements: 
  • At start date must possess an active CompTIA Security+CE certification.
  • At start date, must possess one of the following CSSP Incident Responder certifications: CySA+, CEH, or GCIH 
  • When 8140 requirements are implemented on program/contract, employee will need to conform to 8140 certification standards. 
• Excellent problem solving, analytical, and decision-making capabilities, including understanding user requirements, troubleshooting technical issues, successfully resolving issues and challenges, and developing creative solutions for process improvement.
• Dependability, in that the individual is consistently at work and on time, follows instructions, responds to management direction, and solicits feedback to improve.
• Must have:
  • Strong customer service experience as this position will require candidate to engage with senior military and government leadership. 
  • Ability to present ideas clearly through briefings, meetings, and interaction with leadership of different skill sets.
  • Ability to provide training sessions as required.
  • Ability to engage with stakeholders to ensure tasks are progressing and meeting timelines.
  • Ability to work under time constraints and adapt to changes in requirements and new projects.
  • Ability to maintain and upgrade certifications.
  • Ability to assimilate information rapidly, motivated to self-study new requirements.
  • Maintain current industry knowledge of relevant concepts, practices, and procedures.
• Familiar with:
  •  DoD 2875 account request processes
  • ACTCS training system
• Excellent communication and documentation skills, with strong organizational and collaborative skills.
• Strong teamwork and engagement as a project team member.
• Pursuant to a government contract, this specific position requires U.S. Citizenship. 
• All applicants must have current DoD Secret clearance day one and prior to entry on duty.

Salary and Benefits Information: Please see the salary information listed at the beginning of this document, which is not a guarantee of compensation or salary. All salaries will be based on relevant experience, geographic location, and position and/or contractual requirements, which could fall outside of the listed range. For more information about IMC’s benefits, please visit our website at https://www.imcva.com/about-imc/careers.