nLogic
NL-24-056 Local Defender (SOC Analyst)
nLogic, Concord, California, us, 94527
The Local Defender (SOC Analyst) performs system monitoring and analysis support for the detection of cyber incidents and provides recommendations on how to correct findings.
Required Qualifications:
Submits and tracks all service tickets submitted internally and externally for Operational Technology (OT) systems.Monitors/logs SOC Request/CNOC actions and response.Assists in OT investigations of significant incidents and reporting.Submits and tracks all service tickets submitted on behalf of customer internally and to external organizations.Provides timely acknowledgement of SOC service requests, problem identification, root cause analysis, escalation, resolution, and closure for all SOC service requests in accordance with SLAs and OLAs.Escalates OT cyber incidents that require further in-depth analysis to SOC Incident Analysis.Categorizes and prioritizes OT cyber events and other SOC service requests.Documents and tracks incidents in accordance with reporting procedure and archives historical OT SOC data.Provides situational awareness on OT cybersecurity-related issues impacting enterprise policies and procedures.Provides monitoring and analysis of OT SIEM events to identify potential security risks and vulnerabilities.Triages events and investigates to identify OT security incidents.Logs security incidents in the IT/OT ticketing system.Manages OT security incidents throughout their lifecycle to closure.Coordinates with other, remote technical teams to investigate, document, and resolve issues.Makes recommendations for ongoing tuning and updates to the SIEM system.Receives input from threat intelligence sources and analyzes events to identify threats and risks.Supports ad-hoc data and investigation requests.Conducts security and vulnerability scans as directed using established processes.DoD 8140/8570 IAT Level II certification.Must be able to obtain/maintain a Secret security clearance; US citizenship required.Ability to work onsite daily.Ability to clearly present and communicate technical approaches and findings.Familiarity with backup operations and processes for data protection, disaster recovery, and failover procedures (COOP/DR).Familiarity with MITRE Att&ck Framework.Strong understanding of OSI model, network security concepts, security classification guides, and CJCSM 6510.01B concepts and activities.
Preferred Qualifications:
Advanced degree preferred.Active Secret clearance.DoD experience.Tenable.SC Specialist Certification, Tenable.OT Specialist Certification, Dragos Platform Certified User (DPCU), or Dragos ICS-OT Cybersecurity Training.ICS/OT penetration testing experience.System administration experience and IT certifications in Linux or Microsoft are a plus.Experience with networking protocols, design (switches, routers, firewalls, etc.) and terminology, or network administration is a plus (Cisco, Juniper, Ubiquiti etc.).Understanding of the Purdue model, Industrial Control Systems, and Operational Technology is desired.Education/Experience:
Bachelor’s degree in related field with an advanced degree preferred.DoD 8140/8570 IAT Level II certification required.Work Conditions:
Primary Location: Military Ocean Terminal Concord (MOTCO) in Concord, CA.Work Model: 100% on-site support.Travel: 10%.Candidate must be a U.S. Citizen. Current SECRET security clearance is required for consideration. The maximum rate for this position is $135,000 based on experience and required qualifications. This is a full-time position located in Concord, CA.
#J-18808-Ljbffr
Required Qualifications:
Submits and tracks all service tickets submitted internally and externally for Operational Technology (OT) systems.Monitors/logs SOC Request/CNOC actions and response.Assists in OT investigations of significant incidents and reporting.Submits and tracks all service tickets submitted on behalf of customer internally and to external organizations.Provides timely acknowledgement of SOC service requests, problem identification, root cause analysis, escalation, resolution, and closure for all SOC service requests in accordance with SLAs and OLAs.Escalates OT cyber incidents that require further in-depth analysis to SOC Incident Analysis.Categorizes and prioritizes OT cyber events and other SOC service requests.Documents and tracks incidents in accordance with reporting procedure and archives historical OT SOC data.Provides situational awareness on OT cybersecurity-related issues impacting enterprise policies and procedures.Provides monitoring and analysis of OT SIEM events to identify potential security risks and vulnerabilities.Triages events and investigates to identify OT security incidents.Logs security incidents in the IT/OT ticketing system.Manages OT security incidents throughout their lifecycle to closure.Coordinates with other, remote technical teams to investigate, document, and resolve issues.Makes recommendations for ongoing tuning and updates to the SIEM system.Receives input from threat intelligence sources and analyzes events to identify threats and risks.Supports ad-hoc data and investigation requests.Conducts security and vulnerability scans as directed using established processes.DoD 8140/8570 IAT Level II certification.Must be able to obtain/maintain a Secret security clearance; US citizenship required.Ability to work onsite daily.Ability to clearly present and communicate technical approaches and findings.Familiarity with backup operations and processes for data protection, disaster recovery, and failover procedures (COOP/DR).Familiarity with MITRE Att&ck Framework.Strong understanding of OSI model, network security concepts, security classification guides, and CJCSM 6510.01B concepts and activities.
Preferred Qualifications:
Advanced degree preferred.Active Secret clearance.DoD experience.Tenable.SC Specialist Certification, Tenable.OT Specialist Certification, Dragos Platform Certified User (DPCU), or Dragos ICS-OT Cybersecurity Training.ICS/OT penetration testing experience.System administration experience and IT certifications in Linux or Microsoft are a plus.Experience with networking protocols, design (switches, routers, firewalls, etc.) and terminology, or network administration is a plus (Cisco, Juniper, Ubiquiti etc.).Understanding of the Purdue model, Industrial Control Systems, and Operational Technology is desired.Education/Experience:
Bachelor’s degree in related field with an advanced degree preferred.DoD 8140/8570 IAT Level II certification required.Work Conditions:
Primary Location: Military Ocean Terminal Concord (MOTCO) in Concord, CA.Work Model: 100% on-site support.Travel: 10%.Candidate must be a U.S. Citizen. Current SECRET security clearance is required for consideration. The maximum rate for this position is $135,000 based on experience and required qualifications. This is a full-time position located in Concord, CA.
#J-18808-Ljbffr