Secret
$115,000 - $135,000
IT - Security
Seaside, CA (On-Site/Office)
ASRC Federal NetCentric Technology seeks a Cybersecurity SOC-IR Analyst to support one of our Cybersecurity Support Services contracts. This is an onsite position located in Seaside, California, responsible for containing, responding to, and eradicating threats and other malicious activity. This position will help maintain and improve cybersecurity incident response capabilities, coordinate or participate in high-priority investigations, identify incident response improvements, and prepare reports for management. Work location is Seaside, California. Sign-On Bonus Available.
Key Responsibilities:
- Monitor security tools for security alerts, anomalies, and suspicious activity, and triage those alerts to distinguish between false positives and potential threats
- Conduct routine threat-intelligence-driven analysis for indicators of compromise (IOCs) and advanced persistent threats across the enterprise network and endpoints using threat intelligence and various detection methodologies
- Collaborate with vulnerability management teams by analyzing security scan results and prioritizing vulnerabilities for remediation based on active threats and exploitability
- Collect, normalize, and analyze security-related logs from various sources (endpoints, network devices, applications) to establish baselines, detect deviations, and support ongoing investigations
- Create and maintain Incident Response (IR) and Security Operations Center (SOC) SOPs in accordance with CJCSM 6510.01B, NIST SP 800-61R2, DoD regulations, and industry best practices
- Perform technical incident response investigations into cybersecurity related events and incidents
- Determine the nature, scope, and cause of incidents including root cause analysis
- Identify corrective actions and aid in the containment, eradication, and recovery of a given event and incident
- Track incident response, corrective measures taken, recommendations, and remediation activities; complete incident reports for investigations as needed; provide or contribute to weekly report of events and incidents
- Respond to and investigate cyber events should an incident occur after regular business hours
Required Skills:
- Knowledge of Incident Response Handling Procedures (NIST SP 800-61)
- Familiarity with cyber adversary tactics and frameworks (such as ATT&CK and D3FEND)
- Knowledge of one or more of the following cybersecurity tools:
  - Trellix/ESS
  - Tanium
  - Microsoft Defender Endpoint
  - BeyondTrust
  - Splunk
Required Qualifications:
- Bachelor's degree in computer science or related field
- U.S. Citizenship and an active Secret Clearance (required) with the ability to obtain and maintain a Top-Secret Clearance.
- Active DoD 8570 IAT Level II certification or greater, including at least one of the following certifications in good standing: CCNA Security, CySA+, GICSP, GSEC, Security+ CE, CND, SSCP, CASP+CE, CCNP Security, CISA, CISSP (or Associate), GCED, GCIH, or CCSP.
- Active DoD 8570 CSSP Incident Responder certification a plus, including at least one of the following certifications in good standing: CEH, CFR, CCNA Cyber Ops, CHFI, CySA+, GCFA, GCIH, SCYBER, or PenTest+
- 3+ years in performing Cybersecurity Incident Response and Security Operations Center (SOC) duties
- Required to work onsite daily at our DoD customer office location in Seaside, California.
California Residents: This position offers a pay range of $115,000.00 - $135,000.00 depending on experience, seniority, geographic locations, and other factors permitted by law.
Why ASRC?
As a wholly owned subsidiary of Arctic Slope Regional Corporation, an Alaska Native Corporation, we are inspired by the Iñupiat culture. We embrace stewardship and the idea of using every resource effectively; teamwork when striving to achieve goals and building a collaborative environment; integrity in adhering to high moral principles and professional standards; respect in welcoming and regarding the differing opinions, experiences, rights and traditions of others; accountability in that we meet our commitments and take responsibility for our results; and continuous improvement, always striving to make things better, raising the bar and staying humble.
Advantages of Working at ASRC Federal:
- Purpose-Driven Careers: Join a company recognized as a:
  - Certified Great Place to Work
  - Military Times' Best for Vets Employer
  - Military.com's Top 25 Veteran Employer
- Comprehensive Benefits:
  - Insurance Coverage: Comprehensive plans for medical, dental, vision, life insurance, and short-term/long-term disability
  - Paid Leave: Inclusive policies for bereavement, military obligations, and parental needs, along with 11 paid holidays annually
  - Retirement Savings: A 401(k) plan with a generous company match and immediate vesting to help secure your financial future
  - Incentives: Employee referral bonuses to reward you for helping grow the ASRC Federal Family
- Learning and Development:
  - After 90 days of employment, regular full-time employees are eligible for our professional development program. This includes annual funding for:
    - Pursuing Associate's, Bachelor's, or Graduate Degrees
    - Obtaining industry-standard professional certifications
    - Participating in professional certificate programs
    - Covering registration fees for professional conferences
- Centers of Excellence: We established the Centers of Excellence to build, leverage, and grow our technological capabilities and best practices and to offer professional development for our technical teams. They contain many Communities of Practice, which are forums that offer a platform to share ideas, best practices, and innovations and to collaborate with technical peers.
Embark on a career with ASRC Federal Business Innovation, LLC, where your growth, purpose, and well-being are at the forefront of what we do!
group id: RTL208333